Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> CGI abuses >> tektronix's _ncl_items.shtml


Vulnerability Assessment Details

tektronix's _ncl_items.shtml

Vulnerability Assessment Summary
Searches for the existence of _ncl_*.shtml

Detailed Explanation for this Vulnerability Assessment

The file /_ncl_items.shtml or /_ncl_subjects.shtml exists on the
remote web server.
If the remote host is a Tektronix printer, then this page
permits anyone to reconfigure it without any authentication
means whatsoever.

A possible hacker may use this flaw to conduct a denial of service
attack against your business by preventing legitimate users
from printing their work, or against your network, by changing
the IP address of the printer so that it conflicts with the IP
address of your file server.

Solution : Contact Tektronix for a patch and filter incoming
traffic to this port
Network Security Threat Level: Low

Networks Security ID: 2659

Vulnerability Assessment Copyright: This script is Copyright (C) 2001 Renaud Deraison

Cables, Connectors

1x IBM SYSTEM X3550 M3 SERVER Dual X5680 3.33 GHz 36GB RAM no HDD
$299.99
1x IBM SYSTEM X3550 M3 SERVER Dual X5680 3.33 GHz 36GB RAM  no HDD pictureIBM Server POWER 780 9179-MHD 8x 4C POWER7 4.42Ghz 512GB
$5999.0
IBM Server POWER 780 9179-MHD 8x 4C POWER7 4.42Ghz 512GB pictureIBM PS/2 9598 SERVER 85 320MB Hard Disk Drive (SCSI) IBM FRU 85F0011
$5.0
IBM PS/2 9598 SERVER 85 320MB Hard Disk Drive (SCSI) IBM FRU 85F0011 pictureIBM 04N5250 16-Slot SDRAM DIMM Server Memory Expansion Plug-In Card/Board/Module
$14.99
IBM 04N5250 16-Slot SDRAM DIMM Server Memory Expansion Plug-In Card/Board/Module picture


Discussions

No Discussions have been posted on this vulnerability.