| VID |
29117 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
Printer |
| Detailed Description |
The Xerox WorkCentre device, according to its version number, has Multiple Unauthorized Access vulnerabilities. Xerox WorkCentre is a color printer used for copying, printing, scans, email, fax, and Internet fax. Multiple versions of Xerox WorkCentre could allow a remote attacker to bypass the user authentication. These vulnerabilities are caused due to the existence of an unauthenticated user account in the web server code and some unspecified errors in the SNMP authentication. This can be exploited to gain unauthorized access and modify the system configuration.
* Note: This check solely relied on the model number and software version number of the remote Xerox WorkCentre device extracted from its embedded Web server to assess this vulnerability, so this might be a false positive.
* References:
http://secunia.com/advisories/14507
http://www.office.xerox.com/support/
* Platforms Affected:
Multiple versions of Xerox WorkCentre |
| Recommendation |
Apply the P21 patch, as listed in the following Xerox security bulletin:
http://www.xerox.com/downloads/usa/en/c/cert_XRX05_005.pdf |
| Related URL |
CVE-2005-0703,CVE-2005-1179 (CVE) |
| Related URL |
12731,13196,13198 (SecurityFocus) |
| Related URL |
19602,20192 (ISS) |
|
