Xerox WorkCentre Multi-Page Document Scan/Fax Information Disclosure (XRX05-002)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

The remote printer is affected by an information disclosure
vulnerability.

Description :

According to its model number and software version, the remote host
is a Xerox WorkCentre device that may, under rare conditions, send a
fax or scan to a different addressee than intended. This occurs only
when faxing (not copying) a multi-page document and a power failure
occurs while scanning the second page and then only if a user operates
either the fax or copy function for more than 9,999 times. It is not
known from where the alternate addressee is derived.

See also :

http://www.nessus.org/u?16527bbc

Solution :

Contact the Xerox Welcome Center and request software version 1.02.

Risk factor :

Low / CVSS Base Score : 2.6
(CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 2.6
(CVSS2#E:H/RL:U/RC:C)
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 18267 ()

Bugtraq ID: 12787

CVE ID: