• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Tektronix Phaser Network Printer Administration Interface Vulnerability

Severity: HIGH

Description:

A remote vulnerability exists in Tektronix Phaser network printers, affecting models in the 7xx, 8xx and 9xx series.

An attacker with access to the printer's local network can reach the device's inbuilt web-based admin interface, supported by the Tektronix PhaserLink webserver.

No authentication is applied to this connection. Arbitrary pages inside the printer's administration interface may be accessed by specifying the desired page in a querystring of the following format

URL http://printername/_ncl_items.shtml&SUBJECT=n,

where n= target admin interface page number.

No password or other authentication method prevent arbitrary users from making use of this interface.

Using this method, an attacker can activate the printer's 'Emergency Power Off' feature. This can lead to improper cooling of the ink/crayon reservoir, physically damaging the device.

Note: This issue was originally reported in November, 1999. In addressing the issue, the vendor is said to have adopted the principle of 'security through obscurity'.

This vulnerability, and the fact that it remains exploitable, is an example of the dubious value of this approach to information security.

* The vendor has reported that the printer properly handles 'Emergency Power Off' situations, and that physical damage is unachievable.

Affected Products:

• Tektronix Phaser Network Printer 740
• Tektronix Phaser Network Printer 750
• Tektronix Phaser Network Printer 750DP
• Tektronix Phaser Network Printer 850
• Tektronix Phaser Network Printer 930

References:

• Tektronix: Phaser® 750 homepage
• Tektronix: Phaser® 850 home page
• Tektronix: Phaser®740/740L homepage
• Tektronix: Tektronix Support Homepage

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.