Lucene search

[email protected]CVE-2006-2113

HistoryAug 25, 2006 - 1:04 a.m.

CVE-2006-2113

2006-08-2501:04:00

CWE-287

[email protected]

web.nvd.nist.gov

fuji xerox

fxps

printing systems

http server

remote attackers

system configuration

denial of service

7.4 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.074 Low

EPSS

Percentile

94.1%

JSON

The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, does not properly perform authentication for HTTP requests, which allows remote attackers to modify system configuration via crafted requests, including changing the administrator password or causing a denial of service to the print server.

CPENameOperatorVersion
fuji_xerox:docuprint_c830_network_option_cardfuji xerox docuprint c830 network option cardeq*
fuji_xerox:fuji_xerox_printing_systems_print_enginefuji xerox fuji xerox printing systems print engineeq*
dell:3100cndell 3100cneq*
dell:5110cndell 5110cneq*
fuji_xerox:docuprint_181_network_option_cardfuji xerox docuprint 181 network option cardeq*
dell:3110cndell 3110cneq*
fuji_xerox:phaser_6201jfuji xerox phaser 6201jeq*
dell:3010cndell 3010cneq*
dell:5100cndell 5100cneq*
dell:3000cndell 3000cneq*

CPE	Name	Operator	Version
fuji_xerox:docuprint_c830_network_option_card	fuji xerox docuprint c830 network option card	eq	*
fuji_xerox:fuji_xerox_printing_systems_print_engine	fuji xerox fuji xerox printing systems print engine	eq	*
dell:3100cn	dell 3100cn	eq	*
dell:5110cn	dell 5110cn	eq	*
fuji_xerox:docuprint_181_network_option_card	fuji xerox docuprint 181 network option card	eq	*
dell:3110cn	dell 3110cn	eq	*
fuji_xerox:phaser_6201j	fuji xerox phaser 6201j	eq	*
dell:3010cn	dell 3010cn	eq	*
dell:5100cn	dell 5100cn	eq	*
dell:3000cn	dell 3000cn	eq	*

Rows per page:

1-10 of 191

References

itso.iu.edu/20060824_FXPS_Print_Engine_Vulnerabilities

marc.info/?l=bugtraq&m=115652437223454&w=2

secunia.com/advisories/21630

secunia.com/advisories/22463

www.osvdb.org/28250

www.securityfocus.com/archive/1/444321/100/0/threaded

www.securityfocus.com/bid/19716

www.vupen.com/english/advisories/2006/3401

7.4 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.074 Low

EPSS

Percentile

94.1%

JSON

Related for CVE-2006-2113

nessus1 prion1 cvelist1 securityvulns1