-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Indiana University Security Advisory:
Canon Multi Function Devices vulnerable to FTP bounce attack.
Advisory ID:
20080229 Canon MFD FTP bounce attack
Advisory revisions:
Credit/acknowledgement:
CVE-2008-0303
Summary:
Certain Canon Multi Function Devices (see Products affected below) allow
remote attackers to redirect traffic to other sites (aka FTP bounce) via
the PORT command, a variant of CVE-1999-0017.
Mitigation/workarounds:
Disable FTP printing:
  o Navigate to Additional Functions -> System Settings -> Network Settings -> TCP/IP Settings -> FTP print.
  o Set FTP print to OFF.
Protect FTP printing with username/password credentials:
  o Navigate to Additional Functions -> System Settings -> Network Settings -> TCP/IP Settings -> FTP print.
  o Set "user name" and "password" for the FTP print functionality.
Firmware updates that fix the vulnerability are available, but they are not
user installable and require a service technician call. If neither of the
above two workarounds is sufficient, please contact your local Canon
Authorized Service Dealer.
Additionally, best practices suggest that access controls and network
firewall policies be put into place to only allow connections from trusted
machines and networks.
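The bounce described in the summary works because the device's FTP server accepts a PORT command naming any third-party host and port as the data connection endpoint. The check below is an added example (not Canon's firmware or any code from this advisory) of the server-side validation that closes that hole: parse the RFC 959 PORT argument, reject it when the requested data address differs from the control connection's peer address or when the port is privileged, and run the same rule over a few constructed log lines to flag bounce attempts after the fact. Hostnames, log format and the sample lines are assumptions for illustration.

```python
import ipaddress
import re

# RFC 959 PORT argument: h1,h2,h3,h4,p1,p2 (four IPv4 octets, port = p1*256 + p2)
_PORT_RE = re.compile(r"^(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})$")


def parse_port_argument(arg):
    """Return (IPv4Address, port) for a PORT argument, or raise ValueError."""
    m = _PORT_RE.match(arg.strip())
    if not m:
        raise ValueError("malformed PORT argument: %r" % arg)
    fields = [int(x) for x in m.groups()]
    if any(f > 255 for f in fields):
        raise ValueError("PORT field out of range: %r" % arg)
    ip = ipaddress.IPv4Address(".".join(str(o) for o in fields[:4]))
    port = fields[4] * 256 + fields[5]
    return ip, port


def check_port_command(arg, control_peer_ip):
    """Decide whether a PORT command may be honoured.

    Returns (accepted, reason). The data connection must go back to the host
    that opened the control connection; anything else is a bounce request.
    Privileged ports are refused as well, since a bounced data connection to
    port 25 or 80 is the classic abuse pattern.
    """
    try:
        ip, port = parse_port_argument(arg)
    except ValueError as e:
        return False, str(e)
    peer = ipaddress.IPv4Address(control_peer_ip)
    if ip != peer:
        return False, "data address %s differs from control peer %s (FTP bounce)" % (ip, peer)
    if port < 1024:
        return False, "data port %d is privileged" % port
    return True, "ok"


def audit_port_log(lines):
    """Flag PORT commands in a session log that the check above would refuse.

    Assumed (constructed) log format: "<control peer ip> PORT <argument>".
    Returns a list of (line, reason) tuples for refused commands.
    """
    flagged = []
    for line in lines:
        parts = line.split()
        if len(parts) != 3 or parts[1] != "PORT":
            continue
        accepted, reason = check_port_command(parts[2], parts[0])
        if not accepted:
            flagged.append((line, reason))
    return flagged


# Constructed sample session log (RFC 5737 documentation addresses)
SAMPLE_LOG = [
    "192.0.2.10 PORT 192,0,2,10,4,1",      # legitimate: back to the client, port 1025
    "192.0.2.10 PORT 198,51,100,5,0,25",   # bounce: third-party host, port 25
    "192.0.2.10 PORT 192,0,2,10,0,80",     # same host but privileged port 80
    "192.0.2.10 PORT 300,1,1,1,4,1",       # malformed octet
]

if __name__ == "__main__":
    for line, reason in audit_port_log(SAMPLE_LOG):
        print("REFUSED %-35s %s" % (line, reason))
```

The address comparison is the control that matters for this advisory: with it in place, a PORT command can only ever direct the printer's data connection back to the client that is already talking to it, so the device cannot be used as a relay to other hosts. The privileged-port rule is a secondary hardening step, and the log audit is the same rule applied retrospectively to spot devices that were probed before the FTP print setting was turned off or credentials were configured.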
Criticality:
This vulnerability is rated "not critical".
Products affected:
References:
iEYEARECAAYFAkfIHaUACgkQGQUVGJudcw5iggCgmUYzUJWIrEPVpX6zT9sJBP0W
8gQAni3LJJPbsWOCv5SEyA7OKU5tsVHC
=Vu5P
-----END PGP SIGNATURE-----
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/