Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbDennis W. MattisonEDB-ID:19632
HistoryNov 17, 1999 - 12:00 a.m.

Tektronix Phaser Network Printer 740/750/750DP/840/930 PhaserLink WebServer - Retrieve Administrator Password

1999-11-1700:00:00
Dennis W. Mattison
www.exploit-db.com
36

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/806/info


Certain versions of the Tektronix PhaserLink printer ship with a webserver designed to help facilitate configuration of the device. This service is essentially administrator level access as it can completely modify the system characteristics, restart the machine, asign services etc.

In at least one version of this printer there are a series of undocumented URL's which will allow remote users to retrieve the administrator password. Once the password is obtained by the user, they can manipulate the printer in any way they see fit.

To obtain the administrator password:

http://printername/ncl_items.html?SUBJECT=2097

Related

cvelist 1
cve 1
nvd 1
nessus 1
cvelist
cvelist
CVE-1999-1508
2001-09-12 04:00:00
cve
cve
CVE-1999-1508
2001-09-12 04:00:00
nvd
nvd
CVE-1999-1508
1999-11-16 05:00:00
nessus
nessus
Tektronix PhaserLink Printer Web Server Direct Request Administrator Access
1999-11-22 00:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:19632
cvelist1cve1nvd1nessus1