PT-2006-7081 · Xerox+1 · Xerox Workcentre+2

Published

2006-12-11

Updated

2008-09-05

CVE-2006-6472

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Xerox WorkCentre versions prior to 12.050.03.000 Xerox WorkCentre Pro versions 13.x prior to 13.050.03.000 Xerox WorkCentre Pro versions 14.x prior to 14.050.03.000

Description The issue concerns the configuration of the httpd.conf file, which sets port 443 to always be active. This configuration has an unknown impact and may allow for remote attack vectors.

Recommendations For Xerox WorkCentre versions prior to 12.050.03.000, update to version 12.050.03.000 or later. For Xerox WorkCentre Pro versions 13.x prior to 13.050.03.000, update to version 13.050.03.000 or later. For Xerox WorkCentre Pro versions 14.x prior to 14.050.03.000, update to version 14.050.03.000 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-6472

Affected Products

Xerox Workcentre

Xerox Workcentre Pro

Httpd.Conf

PT-2006-7081 · Xerox+1 · Xerox Workcentre+2

CVE-2006-6472

Related Identifiers

Affected Products

References · 3