Xerox WorkCentre Multiple Vulnerabilities (XRX06-006)

high Nessus Plugin ID 23751

Synopsis

The remote multi-function device is affected by multiple issues.

Description

According to its model number and software version, the remote host is a Xerox WorkCentre device that reportedly suffers from multiple issues such as command injection and information disclosure vulnerabilities.

Solution

Update to System Software Version 12.060.17.000, 13.060.17.000, or 14.060.17.000 as appropriate.

See Also

https://www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdf

Plugin Details

Severity: High

ID: 23751

File Name: xerox_xrx06_006.nasl

Version: 1.16

Type: remote

Family: Misc.

Published: 12/1/2006

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Vulnerability Information

CPE: cpe:/h:xerox:workcentre

Required KB Items: www/xerox_workcentre

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 11/30/2006

Reference Information

CVE: CVE-2006-6427, CVE-2006-6428, CVE-2006-6429, CVE-2006-6430, CVE-2006-6431, CVE-2006-6432

BID: 21365