| VID |
29118 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
Printer |
| Detailed Description |
The Xerox WorkCentre device, according to its version number, has multiple vulnerabilities. Xerox WorkCentre is a color printer used for copying, printing, scans, email, fax, and Internet fax. Multiple versions of Xerox WorkCentre are vulnerable to multiple vulnerabilities, caused by an unspecified reason, which can be exploited by a remote attacker to cause a denial of service, gain unauthorized access to the device, conduct cross-site scripting attacks, or bypass authentication.
* Note: This check solely relied on the model number and software version number of the remote Xerox WorkCentre device extracted from its embedded Web server to assess this vulnerability, so this might be a false positive.
* References:
http://secunia.com/advisories/16467
http://secunia.com/advisories/16467
http://securitytracker.com/id?1014429
http://secunia.com/advisories/15970
http://www.osvdb.org/displayvuln.php?osvdb_id=17765
http://www.osvdb.org/displayvuln.php?osvdb_id=17766
* Platforms Affected:
Multiple versions of Xerox WorkCentre |
| Recommendation |
Apply the P22 and P23 patches, as listed in the following Xerox security bulletins:
http://www.xerox.com/downloads/usa/en/c/cert_XRX05_006.pdf
http://www.xerox.com/downloads/usa/en/c/cert_XRX05_007.pdf |
| Related URL |
CVE-2005-2645,CVE-2005-2200,CVE-2005-2201,CVE-2005-2646 (CVE) |
| Related URL |
14187 (SecurityFocus) |
| Related URL |
21294 (ISS) |
|
