Forgive me if this self evident or discussed in the article, my head was reeling by the time I got to the end. I'd appreciate if it anyone could confirm that I understand the situation correctly:
1. The buffer overflow identified exists in a JPEG parser that was written by HP from scratch. Therefore this exploit may only apply to the specific models of HP fax that utilise this firmware (and HP have already patched it, so a fix is available).
2. Disabling colour faxes would mitigate the vulnerability. (I've just scanned three years worth of fax logs from our fax server and we've never received a colour fax).
3. These mitigations aside, the principle remains that fax is often present without any kind of security attached directly to the network and thought should be given to isolating fax infrastructure to reduce exposure to exploitation. (Additionally the constant and ongoing lobby to management to permanently retire fax should be maintained).
1. That someone wrote. Maybe HP got it from an OEM and it is in dozens of manufacturers' machines.
2. Would mitigate this vulnerability. And, the nasty thing about this is that it could potentially rewrite your logs. You can't trust a compromised machine to tell the truth.
1. The buffer overflow identified exists in a JPEG parser that was written by HP from scratch. Therefore this exploit may only apply to the specific models of HP fax that utilise this firmware (and HP have already patched it, so a fix is available).
2. Disabling colour faxes would mitigate the vulnerability. (I've just scanned three years worth of fax logs from our fax server and we've never received a colour fax).
3. These mitigations aside, the principle remains that fax is often present without any kind of security attached directly to the network and thought should be given to isolating fax infrastructure to reduce exposure to exploitation. (Additionally the constant and ongoing lobby to management to permanently retire fax should be maintained).