Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Misc. >> Xerox WorkCentre Multi-Page Document Information Disclosure Vulnerability

Vulnerability Assessment Details

Xerox WorkCentre Multi-Page Document Information Disclosure Vulnerability

Vulnerability Assessment Summary
Checks for multi-page document information disclosure vulnerability in Xerox WorkCentre devices

Detailed Explanation for this Vulnerability Assessment

Summary :

The remote printer is affected by an information disclosure
vulnerability.

Description :

According to its model number and software versions, the remote host
is a Xerox WorkCentre device that may, under rare conditions, send a
fax or scan to a different addressee than intended. This occurs only
when faxing (not copying) a multi-page document and a power failure
occurs while scanning the second page and then only if a user operates
either the fax or copy function for more than 9,999 times. It is not
known from where the alternate addressee is derived.

See also :

http://www.xerox.com/downloads/usa/en/c/CERT_Xerox_Security_XRX05_002.pdf

Solution :

Contact the Xerox Welcome Center and request software version 1.02.

Network Security Threat Level:

Low / CVSS Base Score : 1
(AV:L/AC:H/Au:NR/C:P/A:N/I:N/B:N)

Networks Security ID: 12787

Vulnerability Assessment Copyright: This script is Copyright (C) 2005-2006 Tenable Network Security

Cables, Connectors