Lucene search

[email protected]CVE-2006-2113

HistoryAug 25, 2006 - 1:04 a.m.

CVE-2006-2113

2006-08-2501:04:00

CWE-287

[email protected]

web.nvd.nist.gov

fuji xerox

fxps

printing systems

http server

remote attackers

system configuration

denial of service

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.074 Low

EPSS

Percentile

94.1%

JSON

The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, does not properly perform authentication for HTTP requests, which allows remote attackers to modify system configuration via crafted requests, including changing the administrator password or causing a denial of service to the print server.

Affected configurations

NVD

Node

dell3000cn

dell3010cn

dell3100cn

dell3110cn

dell5100cn

dell5110cn

fuji_xeroxdocuprint_181

fuji_xeroxdocuprint_181_network_option_card

fuji_xeroxdocuprint_211

fuji_xeroxdocuprint_211_network_option_card

fuji_xeroxdocuprint_c1616

fuji_xeroxdocuprint_c1616_network_option_card

fuji_xeroxdocuprint_c2535a

fuji_xeroxdocuprint_c525a

fuji_xeroxdocuprint_c525a_network_option_card

fuji_xeroxdocuprint_c830

fuji_xeroxdocuprint_c830_network_option_card

fuji_xeroxfuji_xerox_printing_systems_print_engine

fuji_xeroxphaser_6201j

CPENameOperatorVersion
dell:3000cndell 3000cneq*
dell:3010cndell 3010cneq*
dell:3100cndell 3100cneq*
dell:3110cndell 3110cneq*
dell:5100cndell 5100cneq*
dell:5110cndell 5110cneq*
fuji_xerox:docuprint_181fuji xerox docuprint 181eq*
fuji_xerox:docuprint_181_network_option_cardfuji xerox docuprint 181 network option cardeq*
fuji_xerox:docuprint_211fuji xerox docuprint 211eq*
fuji_xerox:docuprint_211_network_option_cardfuji xerox docuprint 211 network option cardeq*

CPE	Name	Operator	Version
dell:3000cn	dell 3000cn	eq	*
dell:3010cn	dell 3010cn	eq	*
dell:3100cn	dell 3100cn	eq	*
dell:3110cn	dell 3110cn	eq	*
dell:5100cn	dell 5100cn	eq	*
dell:5110cn	dell 5110cn	eq	*
fuji_xerox:docuprint_181	fuji xerox docuprint 181	eq	*
fuji_xerox:docuprint_181_network_option_card	fuji xerox docuprint 181 network option card	eq	*
fuji_xerox:docuprint_211	fuji xerox docuprint 211	eq	*
fuji_xerox:docuprint_211_network_option_card	fuji xerox docuprint 211 network option card	eq	*

Rows per page:

1-10 of 191

References

itso.iu.edu/20060824_FXPS_Print_Engine_Vulnerabilities

marc.info/?l=bugtraq&m=115652437223454&w=2

secunia.com/advisories/21630

secunia.com/advisories/22463

www.osvdb.org/28250

www.securityfocus.com/archive/1/444321/100/0/threaded

www.securityfocus.com/bid/19716

www.vupen.com/english/advisories/2006/3401

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.074 Low

EPSS

Percentile

94.1%

JSON

Related for CVE-2006-2113

prion1 nessus1 cvelist1 nvd1 securityvulns1