Xerox WorkCentre Extensible Interface Platform Unspecified Security Bypass (XRX08-006)

Critical Nessus Plugin ID 33167


The remote multi-function device is affected by multiple issues.


According to its model number and software version, the remote host is a Xerox WorkCentre device that reportedly contains an unspecified vulnerability affecting the Extensible Interface Platform feature in the product's Web Services. A remote attacker may be able to leverage this issue to make changes to the system configuration.


Apply the P34 patch as described in the Xerox security bulletin referenced above.

See Also

Plugin Details

Severity: Critical

ID: 33167

File Name: xerox_xrx08_006.nasl

Version: $Revision: 1.15 $

Type: remote

Family: Misc.

Published: 2008/06/13

Modified: 2016/05/04

Dependencies: 18141

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/h:xerox:workcentre

Required KB Items: www/xerox_workcentre

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2008/06/12

Vulnerability Publication Date: 2008/06/12

Reference Information

CVE: CVE-2008-2824

BID: 29691

OSVDB: 46138

Secunia: 30670

CWE: 264