Detections
Analytics

Xerox WorkCentre Multiple Samba Vulnerabilities (XRX08-001)

critical Nessus Plugin ID 29965

Language:

Synopsis

The remote multi-function device is affected by multiple issues.

Description

According to its model number and software version, the remote host is a Xerox WorkCentre device that reportedly is affected by multiple buffer overflow and remote command injection issues. Using specially- crafted RPC requests, an unauthenticated attacker could leverage these issues to run arbitrary code on the affected device or make unauthorized changes to its system configuration.

Solution

Apply the P32 patch as described in the Xerox security bulletin referenced above.

See Also

https://www.xerox.com/downloads/usa/en/c/cert_XRX08_001.pdf

Plugin Details

Severity: Critical

ID: 29965

File Name: xerox_xrx08_001.nasl

Version: 1.17

Type: remote

Family: Misc.

Published: 1/14/2008

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/h:xerox:workcentre

Required KB Items: www/xerox_workcentre

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/11/2007

Vulnerability Publication Date: 5/14/2007

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (Samba "username map script" Command Execution)

Reference Information

CVE: CVE-2007-2446, CVE-2007-2447

BID: 23972, 23973, 24195, 24196, 24197, 24198