Xerox Document Centre Authentication Bypass
High Nessus Network Monitor Plugin ID 2698
SynopsisThe remote host is vulnerable to a flaw that allows for the bypassing of authentication.
DescriptionThe remote host is running Xerox Document Centre, an administrative, web-based GUI to a Xerox device. This version is reportedly prone to a remote authentication bypass attack. While there are no details currently available, it is believed that remote anonymous users may be able to subvert the authentication mechanism in such a way as to gain administrative access to all or portions of the web server.
SolutionUpgrade or patch according to vendor recommendations.