|
Family: CGI abuses --> Category: infos
tektronix's _ncl_items.shtml Vulnerability Scan
Vulnerability Scan Summary Searches for the existence of _ncl_*.shtml
Detailed Explanation for this Vulnerability Test
The file /_ncl_items.shtml or /_ncl_subjects.shtml exists on the
remote web server.
If the remote host is a Tektronix printer, then this page
allows anyone to reconfigure it without any authentication
means whatsoever.
A possible hacker may use this flaw to conduct a denial of service
attack against your business by preventing legitimate users
from printing their work, or against your network, by changing
the IP address of the printer so that it conflicts with the IP
address of your file server.
Solution : Contact Tektronix for a patch and filter incoming
traffic to this port
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.
|