Vulnerability CVE-2005-0703


Published: 2005-03-07   Modified: 2012-02-12

Description:
Xerox MicroServer Web Server for various WorkCentre products including M35/M45/M55 2.028.11.000 through 2.97.20.032 and 4.84.16.000 through 4.97.20.032, Pro 35/45/55 3.028.11.000 through 3.97.20.032, Pro 65/75/90 1.001.00.060 through 1.001.02.084, and others, has an "unauthenticated account," which allows remote attackers to modify system configuration, a different vulnerability than CVE-2005-1179.

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None
Affected software
Xerox -> Workcentre m35 
Xerox -> Workcentre 165 
Xerox -> Workcentre m45 
Xerox -> Workcentre 175 
Xerox -> Workcentre m55 
Xerox -> Workcentre 2128 
Xerox -> Workcentre 2636 
Xerox -> Workcentre 32 color 
Xerox -> Workcentre 35 
Xerox -> Workcentre 3545 
Xerox -> Workcentre 40 color 
Xerox -> Workcentre 45 
Xerox -> Workcentre 55 
Xerox -> Workcentre 65 
Xerox -> Workcentre 75 
Xerox -> Workcentre 90 
Xerox -> Workcentre m165 
Xerox -> Workcentre m175 

 References:
http://www.xerox.com/downloads/usa/en/c/cert_XRX05_005.pdf
http://secunia.com/advisories/14507

Copyright 2024, cxsecurity.com

 

Back to Top