Vulnerabilities > Xerox

DATE CVE VULNERABILITY TITLE RISK
2005-07-11 CVE-2005-2202 Cross-Site Scripting vulnerability in Xerox Workcentre 2128, Workcentre 2636 and Workcentre 3545
Cross-site scripting (XSS) vulnerability in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
network
xerox
4.3
2005-07-11 CVE-2005-2201 Denial-Of-Service vulnerability in Xerox Workcentre 2128, Workcentre 2636 and Workcentre 3545
Unknown vulnerability in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allow attackers to cause a denial of service or access files via crafted HTTP requests.
network
low complexity
xerox
6.4
2005-07-11 CVE-2005-2200 Security Bypass vulnerability in Xerox Workcentre 2128, Workcentre 2636 and Workcentre 3545
Multiple unknown vulnerabilities in the MicroServer Web Server for Xerox WorkCentre Pro Color 2128, 2636, and 3545, version 0.001.04.044 through 0.001.04.504, allow attackers to bypass authentication.
network
low complexity
xerox
7.5
2005-06-13 CVE-2005-1936 Remote Authentication Bypass vulnerability in Xerox Document Centre ESS/Network Controller Web Server
Unknown vulnerability in the web server for the ESS/ Network Controller for Xerox Document Centre 240 through 555 running System Software 27.18.017 and earlier allows attackers to "gain unauthorized access."
network
low complexity
xerox
7.5
2005-05-02 CVE-2005-1179 SNMP Authentication Bypass vulnerability in Xerox MicroServer
Unknown vulnerability in Xerox MicroServer Web Server for various WorkCentre products including M35/M45/M55 2.028.11.000 through 2.97.20.032 and 4.84.16.000 through 4.97.20.032, Pro 35/45/55 3.028.11.000 through 3.97.20.032, Pro 65/75/90 1.001.00.060 through 1.001.02.084, and others, related to SNMP authentication, allows remote attackers to modify system configuration, a different vulnerability than CVE-2005-0703.
network
low complexity
xerox
5.0
2005-03-07 CVE-2005-0703 Remote Security vulnerability in WorkCentre 40 Color
Xerox MicroServer Web Server for various WorkCentre products including M35/M45/M55 2.028.11.000 through 2.97.20.032 and 4.84.16.000 through 4.97.20.032, Pro 35/45/55 3.028.11.000 through 3.97.20.032, Pro 65/75/90 1.001.00.060 through 1.001.02.084, and others, has an "unauthenticated account," which allows remote attackers to modify system configuration, a different vulnerability than CVE-2005-1179.
network
low complexity
xerox
5.0
2002-12-31 CVE-2002-1836 Unspecified vulnerability in Xerox Docutech 6110 and Docutech 6115
The default configuration of Xerox DocuTech 6110 and DocuTech 6115 exports certain NFS shares to the world with world writable permissions, which may allow remote attackers to modify sensitive files.
network
low complexity
xerox
5.0
2002-12-31 CVE-2002-1835 Unspecified vulnerability in Xerox Docutech 6110 and Docutech 6115
The default configuration of Xerox DocuTech 6110 and DocuTech 6115 running Solaris 8.0 has a large number of unnecessary services enabled such as RPC and sprayd, which could allow remote attackers to obtain access to the device.
network
low complexity
xerox
7.5
2002-12-31 CVE-2002-1834 Unspecified vulnerability in Xerox Docutech 6110 and Docutech 6115
The default configuration of Xerox DocuTech 6110 and DocuTech 6115 allows remote attackers to connect to the web server and (1) submit print jobs directly into the "print now" queue or (2) read the scanner job history.
network
low complexity
xerox
6.4
2002-12-31 CVE-2002-1833 Unspecified vulnerability in Xerox Docutech 6110 and Docutech 6115
The default configurations for DocuTech 6110 and DocuTech 6115 have a default administrative password of (1) "service!" on Solaris 8.0 or (2) "administ" on Windows NT, which allows remote attackers to gain privileges.
network
low complexity
xerox
7.5