PT-2005-2195 · Xerox · Xerox Microserver Web Server
Published
2005-04-19
·
Updated
2017-07-11
·
CVE-2005-1179
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Xerox MicroServer Web Server versions 2.028.11.000 through 2.97.20.032
Xerox MicroServer Web Server versions 4.84.16.000 through 4.97.20.032
Xerox MicroServer Web Server for Pro 35/45/55 versions 3.028.11.000 through 3.97.20.032
Xerox MicroServer Web Server for Pro 65/75/90 versions 1.001.00.060 through 1.001.02.084
Description
The issue is related to SNMP authentication and allows remote attackers to modify system configuration.
Recommendations
For versions 2.028.11.000 through 2.97.20.032, update to a version outside of this range to resolve the issue.
For versions 4.84.16.000 through 4.97.20.032, update to a version outside of this range to resolve the issue.
For Pro 35/45/55 versions 3.028.11.000 through 3.97.20.032, update to a version outside of this range to resolve the issue.
For Pro 65/75/90 versions 1.001.00.060 through 1.001.02.084, update to a version outside of this range to resolve the issue.
As a temporary workaround, consider restricting access to SNMP authentication until a patch is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Xerox Microserver Web Server