Difference between revisions of "Code execution"

Latest revision as of 19:22, 15 January 2017

Any computer system may be prone to malicious code execution. Printers are no exception. While there are numerous potential attack vectors, two standard ways of importing foreign code are present in most of today's printers and MFPs by design: the ability to perform firmware updates and to install additional software packages. Furthermote, a short introduction to the danger of buffer overflows in embedded devices is given.

Currently, the following techniques to achieve code execution are discussed in this wiki:

Buffer overflows – Smashing the stack based on unsanitized LPD and PJL input
Firmware updates – Deploying malicious firmware through ordinary print jobs
Software packages – Installing custom software on MFPs and printer devices

@@ Line 1: / Line 1: @@
-''Currently, the following denial of service techniques are discussed in this wiki:''
+Any computer system may be prone to malicious code execution. Printers are no exception. While there are numerous potential attack vectors, two standard ways of importing foreign code are present in most of today's printers and MFPs by design: the ability to perform firmware updates and to install additional software packages. Furthermote, a short introduction to the danger of buffer overflows in embedded devices is given.
+''Currently, the following techniques to achieve code execution are discussed in this wiki:''
 * [[Buffer overflows]] – Smashing the stack based on unsanitized [[LPD]] and [[PJL]] input
 * [[Firmware updates]] – Deploying malicious firmware through ordinary print jobs
 * [[Software packages]] – Installing custom software on MFPs and printer devices

Difference between revisions of "Code execution"

Latest revision as of 19:22, 15 January 2017

Navigation menu

Views

Personal tools

Navigation

Search

Tools