Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Device (Printer)  >   ZOT P100s Vendors:   Zero One Technology
Zero One Technology's ZOT P100s Print Server Discloses Information to Remote Users via SNMP Even When Configured Not To
SecurityTracker Alert ID:  1003649
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Feb 25 2002
Impact:   Disclosure of system information
Exploit Included:  Yes  

Description:   An information disclosure vulnerability was reported in the ZOT P100s print server. A remote user can obtain information from the device using SNMP even if SNMP has been disabled.

It is reported that a remote user can use SNMP to obtain information about the device configuration and performance even if SNMP has been disabled and the public community string has been changed.

Impact:   A remote user can obtain information from the device using SNMP even if SNMP has been disabled.
Solution:   No solution was available at the time of this entry.
Vendor URL: (Links to External Site)
Cause:   Access control error, State error

Message History:   None.

 Source Message Contents

Subject:  Zero One Tech (ZOT) P100s PrintServer and SNMP


The ZOT P100s is a hardware printserver device
allowing sharing of a parallel printer on a standard
UTP network.

It has embedded telnet, http (among others) and provides
information via SNMP with default community read string.
(have not tried write yet).


After connecting to the device and disabling SNMP,
and setting the public string to non-standard, 
it appears that the device is still accessible.

* verified with SNMPWALK - which enumerates loads
of useful information.

Has anyone had any experience with this product?

Is this a bug?, or something else?



Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, LLC