Hewlett-Packard Company Information for VU#550620
Multicast DNS (mDNS) implementations may respond to unicast queries originating outside the local link
- Vendor Information Help Date Notified: 10 Feb 2015
- Statement Date: 20 Mar 2015
- Date Updated: 20 Mar 2015
No statement is currently available from the vendor regarding this vulnerability.
Previous generations of HP printing products may use an implementation of mDNS for device discovery on the network which allows detection outside the local network segment. While this implementation is not recommended by RFC 6762 Section 5.5, it is allowed within the specification. HP’s networking infrastructure for its current device fleet uses an Apple Bonjour implementation with Bonjour.
For customers concerned with mDNS use on their network, HP recommends filtering mDNS on UDP Port 5353 at the network perimeter. If desired the customer can manually disable mDNS on supported products using the embedded web server (EWS) configuration functionality (such as the Color LaserJet 4700, Figure A), however this may impact device discovery features including AirPrint, Mopria, and Google Cloud Print 2.0.
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.