Hardcoded Administrator Account Opens Backdoor Access To Samsung Printers 103
hypnosec writes "A new flaw has been discovered in printers manufactured by Samsung whereby a backdoor in the form of an administrator account would enable attackers to not only take control of the flawed device, but will also allow them to attack other systems in the network. According to a warning on US-CERT the administrator account is hard-coded in the device in the form of an SNMP community string with full read-write access. The backdoor is not only present in Samsung printers but also in Dell printers that have been manufactured by Samsung. The administrator account remains active even if SNMP is disabled from the printer's administration interface."
Re:Forget about the printers... (Score:3, Funny)
They're copying Apple's?
I can testify! (Score:5, Funny)
but will also allow them to attack other systems in the network
We had one go on a rampage last week! It tore up half the bay before a couple of us beat to death with a dictionary and one of those big staplers from the copy room. WHY WOULD THEY EVEN PUT HIDDEN ARMS AND LEGS ON A PRINTER?!
Re:not if you need singed paper work (Score:5, Funny)
not if you need singed paper work
Good point. No matter how much heat you apply, you can't get a good char on a softcopy. Not even a little browning. You just burn your monitor.
Nothing burns, shreds, or pulps like paper.
Re:Forget about the printers... (Score:4, Funny)
That's the first thing I thought too, that if we just discovered this in Samsung printers is there a hardcoded backdoor in Samsung galaxy s3 phones too?
Hmm... Good question. If I had one myself, I could tell you just by looking... Does the S3 come with a paper feeder? If so, it certainly has a back door of some kind.
I mean, how else do you clear paper jams?