PT-2005-1743 · Xerox · Xerox Microserver Web Server
Published
2005-03-07
·
Updated
2008-09-05
·
CVE-2005-0703
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Xerox MicroServer Web Server for various WorkCentre products including M35/M45/M55 versions 2.028.11.000 through 2.97.20.032
Xerox MicroServer Web Server for various WorkCentre products including M35/M45/M55 versions 4.84.16.000 through 4.97.20.032
Xerox MicroServer Web Server for Pro 35/45/55 versions 3.028.11.000 through 3.97.20.032
Xerox MicroServer Web Server for Pro 65/75/90 versions 1.001.00.060 through 1.001.02.084
Description
The issue allows remote attackers to modify system configuration due to an "unauthenticated account".
Recommendations
For versions 2.028.11.000 through 2.97.20.032, update to a version outside of this range to resolve the issue.
For versions 4.84.16.000 through 4.97.20.032, update to a version outside of this range to resolve the issue.
For versions 3.028.11.000 through 3.97.20.032, update to a version outside of this range to resolve the issue.
For versions 1.001.00.060 through 1.001.02.084, update to a version outside of this range to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Xerox Microserver Web Server