Detections
Analytics
Xerox Document Centre MicroServer Web Server Directory Navigation Crafted URL DoS (XRX05-004)
high Nessus Plugin ID 18268
Language:
Synopsis
The remote web server is susceptible to a denial of service attack.Description
According to its model number and software version, the remote host is a Xerox Document Centre or WorkCentre device with an embedded web server that is prone to remote denial of service attacks.Specifically, memory on the affected device can become corrupted, triggering a crash and restart, when the web server processes a malicious URI designed to navigate through various unspecified directories.
Solution
Apply the P10 or P11 patches as described in the Xerox bulletins.See Also
https://www.xerox.com/downloads/usa/en/c/cert_XRX05_004.pdf
https://www.xerox.com/downloads/usa/en/c/CERT_Xerox_Security_XRX04-07.pdf
Plugin Details
Severity: High
ID: 18268
File Name: xerox_xrx05_004.nasl
Version: 1.16
Type: remote
Family: Misc.
Published: 5/16/2005
Updated: 11/15/2018
Supported Sensors: Nessus
Risk Information
CVSS v2
Risk Factor: High
Base Score: 7.8
Temporal Score: 5.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C
Vulnerability Information
CPE: cpe:/h:xerox:workcentre, cpe:/h:xerox:document_centre
Exploit Ease: No known exploits are available
Vulnerability Publication Date: 3/7/2005
Reference Information
BID: 12782