| VID |
29116 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
Printer |
| Detailed Description |
The Xerox MicroServer Web server, according to its version number, has a denial of service vulnerability. Xerox Document Centre and WorkCentre are a color printer used for copying, printing, scans, email, fax, and Internet fax. Multiple versions of Xerox Document Centre and WorkCentre are vulnerable to a denial of service attack, caused by an unspecified memory corruption error in the MicroServer Web Server when processing URLs. This can be exploited via a specially crafted URL to cause an affected Web server to restart.
* Note: This check solely relied on the model number and software version number of the remote Xerox Document Centre or WorkCentre device extracted from its embedded Web server to assess this vulnerability, so this might be a false positive.
* References:
http://secunia.com/advisories/14557
http://www.office.xerox.com/support/
* Platforms Affected:
Multiple versions of Xerox Document Centre and WorkCentre |
| Recommendation |
Apply the P10 and P11 patches, as listed in the following Xerox security bulletins:
http://www.xerox.com/downloads/usa/en/c/cert_XRX05_004.pdf
http://www.xerox.com/downloads/usa/en/c/CERT_Xerox_Security_XRX04-07.pdf |
| Related URL |
(CVE) |
| Related URL |
12782 (SecurityFocus) |
| Related URL |
19657 (ISS) |
|
