Vulnerabilities > CVE-2006-0825 - Local Authentication Bypass vulnerability in Xerox WorkCentre Products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple unspecified vulnerabilities in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allow remote attackers to bypass authentication or gain "unauthorized network access" via unknown attack vectors.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Hardware | 12 |
Nessus
| NASL family | Misc. |
| NASL id | XEROX_XRX06_001.NASL |
| description | According to its model number and software version, the remote host is a Xerox WorkCentre device that reportedly is affected by several issues, including authentication bypass / unauthorized network access, denial of service when handling malformed Postscript files, an unspecified cross-site scripting issue, and unspecified errors that might reduce the effectiveness of certain security features. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 20951 |
| published | 2006-02-21 |
| reporter | This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/20951 |
| title | Xerox WorkCentre Multiple Vulnerabilities (XRX06-001) |
References
- http://secunia.com/advisories/18952
- http://securitytracker.com/id?1015648
- http://www.osvdb.org/23359
- http://www.securityfocus.com/bid/16726
- http://www.vupen.com/english/advisories/2006/0668
- http://www.xerox.com/downloads/usa/en/c/cert_XRX06_001.pdf
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24804