|
Family: Misc. --> Category: infos
Xerox MicroServer Unauthorized Access Vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks for authentication bypass vulnerability in Xerox MicroServer
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server is affected by an unauthorized access
vulnerability.
Description :
According to its model number and software versions, the remote host
is a Xerox Document Centre or WorkCentre device with an embedded web
server that may allow unauthorized access to the web server directory
structure, which in turn may enable a remote attacker to gain access
rights and to make unauthorized changes to the device's system
configuration.
See also :
http://www.xerox.com/downloads/usa/en/c/cert_XRX05_003.pdf
http://www.xerox.com/downloads/usa/en/c/CERT_Xerox_Security_XRX04-09.pdf
Solution :
Apply the P16 or P21 patches as described in the Xerox bulletins.
Threat Level:
High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|