Insecure Configuration in Xerox DocuTech Multifunction Printers
CVE-2002-1835

Currently unrated

Key Information:

Vendor: Xerox
Status: Docutech 6110; Docutech 6115
Vendor: CVE Published:; 31 December 2002

Summary

Certain Xerox DocuTech models, specifically the 6110 and 6115 running Solaris 8.0, come with numerous unnecessary services enabled by default. This misconfiguration, which includes services like RPC and sprayd, could expose these devices to unauthorized remote access. Attackers with network access may exploit these enabled services to gain control over the printer, leading to potential data breaches or manipulations. Ensuring these devices are properly configured is critical to secure enterprise environments.

References

http://totally.righteous.net/jedgar/overview_of_security.pdf

x_refsource_CONFIRM

http://www.securityfocus.com/bid/4765

vdb-entryx_refsource_BID

http://www.iss.net/security_center/static/9108.php

vdb-entryx_refsource_XF

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 31, 2002