Lucene search

PRIOn knowledge basePRION:CVE-2008-0303

HistoryFeb 29, 2008 - 2:44 a.m.

Design/Logic Flaw

2008-02-2902:44:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.008 Low

EPSS

Percentile

81.4%

JSON

The FTP print feature in multiple Canon printers, including imageRUNNER and imagePRESS, allow remote attackers to use the server as an inadvertent proxy via a modified PORT command, aka FTP bounce.

CPENameOperatorVersion
i-sensyseq5360.0.0-lbp
i-sensyseq3460.0.0-lbp
i-sensyseq3360.0.0-lbp
imagepresseq1.0.99
imagerunnereq6870.0.10599
imagerunnereq7095.0.112
imagerunnereq7086
imagerunnereq4570
imagerunnereq5065.0.110
imagerunnereq5185.0.10599

Name	Operator	Version
i-sensys	eq	5360.0.0-lbp
i-sensys	eq	3460.0.0-lbp
i-sensys	eq	3360.0.0-lbp
imagepress	eq	1.0.99
imagerunner	eq	6870.0.10599
imagerunner	eq	7095.0.112
imagerunner	eq	7086
imagerunner	eq	4570
imagerunner	eq	5065.0.110
imagerunner	eq	5185.0.10599

Rows per page:

1-10 of 611

References

itso.iu.edu/20080229_Canon_MFD_FTP_bounce_attack

jvn.jp/en/jp/JVN10056705/index.html

jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000013.html

securitytracker.com/id?1019528

www.kb.cert.org/vuls/id/568073

www.securityfocus.com/bid/28042

www.usa.canon.com/html/security/pdf/CVA-001.pdf

7.1 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.008 Low

EPSS

Percentile

81.4%

JSON

Related for PRION:CVE-2008-0303