Vulnerabilities > CVE-2006-0827 - Unspecified vulnerability in Xerox products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN xerox
nessus
Summary
Cross-site scripting vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Hardware | 12 |
Nessus
| NASL family | Misc. |
| NASL id | XEROX_XRX06_001.NASL |
| description | According to its model number and software version, the remote host is a Xerox WorkCentre device that reportedly is affected by several issues, including authentication bypass / unauthorized network access, denial of service when handling malformed Postscript files, an unspecified cross-site scripting issue, and unspecified errors that might reduce the effectiveness of certain security features. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 20951 |
| published | 2006-02-21 |
| reporter | This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/20951 |
| title | Xerox WorkCentre Multiple Vulnerabilities (XRX06-001) |
References
- http://secunia.com/advisories/18952
- http://secunia.com/advisories/18952
- http://www.securityfocus.com/bid/16727
- http://www.securityfocus.com/bid/16727
- http://www.vupen.com/english/advisories/2006/0668
- http://www.vupen.com/english/advisories/2006/0668
- http://www.xerox.com/downloads/usa/en/c/cert_XRX06_001.pdf
- http://www.xerox.com/downloads/usa/en/c/cert_XRX06_001.pdf
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24806
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24806