Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Misc. >> Xerox MicroServer Web Server Multiple Vulnerabilities


Vulnerability Assessment Details

Xerox MicroServer Web Server Multiple Vulnerabilities

Vulnerability Assessment Summary
Checks for multiple vulnerabilities in Xerox MicroServer web server

Detailed Explanation for this Vulnerability Assessment

Summary :

The remote printer suffers from multiple vulnerabilities.

Description :

According to its model number and software versions, the remote host
is a Xerox Document Centre device with an embedded web server that
suffers from multiple flaws, including authentication bypass, denial
of service, unauthorized file access, and cross-site scripting.

See also :

http://www.xerox.com/downloads/usa/en/c/cert_XRX05_008.pdf
http://www.xerox.com/downloads/usa/en/c/cert_XRX05_009.pdf

Solution :

Apply the P24 or P25 patches as described in the Xerox security bulletins.

Network Security Threat Level:

High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)

Networks Security ID: 14586

Vulnerability Assessment Copyright: This script is Copyright (C) 2005-2006 Tenable Network Security

Cables, Connectors

Rare Vintage 8088 Computer TESTED and Working With Monitor Lot Take A Look
$599.99
Rare Vintage  8088 Computer TESTED and Working With Monitor Lot  Take A Look pictureAtari Falcon to Atari ST Video Adapter - NOS
$35.0
Atari Falcon to Atari ST Video Adapter - NOS pictureAtari ST TOS 1.2  US version - 2 chip set
$5.0
Atari ST TOS 1.2  US version - 2 chip set pictureAtari ST TOS 1.0 US version - 6 chip set
$5.0
Atari ST TOS 1.0 US version - 6 chip set picture


Discussions

No Discussions have been posted on this vulnerability.