VID 29001
Severity 40
Port 80
Protocol TCP
Class WWW
Detailed Description The Tektronix PhaserLink web server allows access to the admin interface with no authentication.
Tektronix PhaserLink is a built-in web server shipped with Tektronix Phaser 7xx, 8xx, and 9xx series network printers that allows administrators to access the admin interface.
Because the web server requires no authentication, a remote attacker could request a special URL to view administrator configuration pages such as ncl_subjects.html and ncl_items.html and obtain a valid username and password. This allows the attacker to directly reconfigure the printer.

* References:
http://www.securityfocus.com/bid/806
http://marc.theaimsgroup.com/?l=bugtraq&m=94286041430870&w=2
Recommendation 1. Block access to port 80 on this printer via a router or firewall.

2. Disable the PhaserLink web server on the printer. This can be done through the control panel by switching the HTTP protocol to Disabled (under Printer Configuration | Network Settings | HTTP), or via the URL http://printername/ncl_items?SUBJECT=2097 , where the setting "On" is switched to off.

* The webpage related to the products: http://www.officeprinting.xerox.com/products/
Related URL CVE-1999-1508 (CVE)
Related URL (SecurityFocus)
Related URL (ISS)