Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Misc. >> Xerox WorkCentre Pro Multiple Remote Vulnerabilities


Vulnerability Assessment Details

Xerox WorkCentre Pro Multiple Remote Vulnerabilities

Vulnerability Assessment Summary
Checks for multiple remote vulnerabilities in Xerox WorkCentre Pro

Detailed Explanation for this Vulnerability Assessment

Summary :

The remote printer suffers from multiple vulnerabilities.

Description :

According to its model number and software versions, the remote host
is a Xerox WorkCentre device with an embedded web server that suffers
from multiple flaws, including authentication bypass, denial of
service, unauthorized file access, and cross-site scripting.

See also :

http://www.xerox.com/downloads/usa/en/c/cert_XRX05_006.pdf
http://www.xerox.com/downloads/usa/en/c/cert_XRX05_007.pdf

Solution :

Apply the P22 patch as described in the Xerox security bulletins.

Network Security Threat Level:

High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)

Networks Security ID: 14187

Vulnerability Assessment Copyright: This script is Copyright (C) 2005-2006 Tenable Network Security

Cables, Connectors

HP J9146A ProCurve Switch 2910al-24G-PoE + Warranty
$170.0
HP J9146A ProCurve Switch 2910al-24G-PoE + Warranty pictureLancable Full gigabit poe switch for IP camera and AP
$280.0
Lancable Full gigabit poe switch for IP camera and AP pictureLancable Full gigabit poe switch 24 port for IP camera and AP
$295.0
Lancable Full gigabit poe switch 24 port for IP camera and AP pictureCisco SF100D-05 5-Port Desktop 10/100 Switch
$38.81
Cisco SF100D-05 5-Port Desktop 10/100 Switch picture


Discussions

No Discussions have been posted on this vulnerability.