PT-2005-3536 · Xerox · Document Centre 490+8

Publicado

2005-08-21

Atualizado

2008-09-05

CVE-2005-2646

CVSS v2.0

6.4

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:P

Name of the Vulnerable Software and Affected Versions Xerox MicroServer Web Server versions in Document Centre 220 through 265 Xerox MicroServer Web Server versions in Document Centre 332 and 340 Xerox MicroServer Web Server versions in Document Centre 420 through 490 Xerox MicroServer Web Server versions in Document Centre 535 through 555

Description The issue allows remote attackers to cause a denial of service or read files via crafted HTTP requests.

Recommendations For versions in Document Centre 220 through 265, restrict access to the web server to minimize the risk of exploitation. For versions in Document Centre 332 and 340, consider disabling the web server until a fix is available. For versions in Document Centre 420 through 490, avoid using crafted HTTP requests in the affected API endpoints until the issue is resolved. For versions in Document Centre 535 through 555, restrict access to sensitive files to prevent unauthorized reading.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-2646

Produtos afetados

Document Centre 220

Document Centre 265

Document Centre 332

Document Centre 340

Document Centre 420

Document Centre 490

Document Centre 535

Document Centre 555

Xerox Microserver Web Server

PT-2005-3536 · Xerox · Document Centre 490+8

CVE-2005-2646

Identificadores relacionados

Produtos afetados

Referências · 5