关联漏洞
标题:HP 多款产品缓冲区错误漏洞 (CVE-2021-3438)Description:HP Color LaserJet Pro M280-M281是美国惠普(HP)公司的一款打印机。 HP 多款产品存在缓冲区错误漏洞,该漏洞源于软件驱动程序中的潜在缓冲区溢出可能导致特权升级。以下产品和版本受到影响:HP Color Laser 150 Series,HP Color Laser MFP 178/179 Series,HP Laser 103/107/108 Series,HP Laser 408 Printer Series,HP Laser MFP 131/133/135/137/13
Description
Detection and remediation for CVE-2021-3438 with Powershell
介绍
## What is included?
* CVE-2021-3438_detection v2_sccm.ps1 is a script to run via sccm to get a small report on the vulnerability of managed devices.
* CVE-2021-3438_detection.ps1 is a script to run manually or remote on a managed device.
* CVE-2021-3438_remediation.ps1 is a script to check and run the installers if vulnerable drivers are detected.
* HP-Samsung.exe is the HP/Samsung fix installer
* Xerox is the Xerox fix installer.
## How to execute these scripts?
Instant run:
```
PS> CVE-2021-3438_detection.ps1
```
Importing the function:
```
PS> import-module CVE-2021-3438_detection.ps1
PS> Get-VulnerablePrinter
```
or
```
PS> . .\CVE-2021-3438_detection.ps1
PS> Get-VulnerablePrinter
```
## Sources
* https://support.hp.com/us-en/document/ish_3900395-3833905-16/hpsbpi03724
* https://securitydocs.business.xerox.com/wp-content/uploads/2021/05/cert_Security_Mini_Bulletin_XRX21K_for_B2XX_PH30xx_3260_3320_WC3025_32xx_33xx.pdf
文件快照
[4.0K] /data/pocs/16f242af74399a5f482be19224a0cd80df12052e
├── [3.5K] CVE-2021-3438_detection.ps1
├── [3.2K] CVE-2021-3438_detection v2_sccm.ps1
├── [6.1K] CVE-2021-3438_remediation.ps1
├── [184K] HP-Samsung.exe
├── [ 938] README.md
└── [179K] Xerox.exe
0 directories, 6 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。