CVE-2001-0484
CVSS 6.4
Published: 2001-06-27 00:00:00
Last revised: 2008-09-05 16:24:13

[Original] Tektronix PhaserLink 850 does not require authentication for access to configuration pages such as _ncl_subjects.shtml and _ncl_items.shtml, which allows remote attackers to modify configuration information and cause a denial of service by accessing the pages.


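[CNNVD] Tektronix Phaser network printer administration interface vulnerability (CNNVD-200106-181)

        Tektronix PhaserLink 850 does not require authentication for access to configuration pages such as _ncl_subjects and _ncl_items.shtml. Remote attackers can modify configuration information and cause a denial of service by accessing these pages.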

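- CVSS (base score)

CVSS score: 6.4 [MEDIUM]
Confidentiality impact: NONE [no impact on the confidentiality of the system]
Integrity impact: PARTIAL [system files may be modified]
Availability impact: PARTIAL [may cause reduced performance or interrupted access to resources]
Attack complexity: LOW [no access restrictions on exploiting the vulnerability]
Attack vector: [--]
Authentication: NONE [exploitation requires no authentication]

- CPE (affected platforms and products)

Product and version information (CPE) is not currently available

- OVAL (technical details for detection)

No related OVAL definition found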

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0484
(official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-0484
(official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200106-181
(official data source) CNNVD

- Other links and resources

http://xforce.iss.net/static/6482.php
(UNKNOWN)  XF  tektronix-phaserlink-webserver-backdoor(6482)
http://archives.neohapsis.com/archives/bugtraq/2001-04/0482.html
(VENDOR_ADVISORY)  BUGTRAQ  20010425 Tektronix (Xerox) PhaserLink 850 Webserver Vulnerability (NEW)

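- Vulnerability information

Tektronix Phaser network printer administration interface vulnerability
Medium risk  Other
2001-06-27 00:00:00 2005-10-20 00:00:00
Remote
        Tektronix PhaserLink 850 does not require authentication for access to configuration pages such as _ncl_subjects and _ncl_items.shtml. Remote attackers can modify configuration information and cause a denial of service by accessing these pages.

- Advisories and patches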

        Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com .

- Vulnerability information (20806)

Tektronix Phaser 740/750/850/930 Network Printer Administration Interface Vulnerability (EDBID:20806)
hardware remote
2001-04-25 Verified
0 Ltlw0lf
N/A [click to download]
source: http://www.securityfocus.com/bid/2659/info

A remote vulnerability exists in Tektronix Phaser network printers in the 7xx, 8xx, and 9xx series.

An attacker with access to the printer's local network (or, if no firewall is in place, any attacker) can reach the printer's admin interface, supported by the inbuilt Tektronix PhaserLink webserver.

No authentication is applied to this connection. Arbitrary pages inside the printer's administration interface may be accessed by specifying the desired page in a querystring submitted to the PhaserLink webserver.

No password or other authentication method prevents arbitrary users from making use of this interface.

Using this method, an attacker can activate the printer's 'Emergency Power Off' feature.

This can lead to improper cooling of the ink/crayon reservoir, physically damaging the device.

* The vendor has reported that the printer properly handles 'Emergency Power Off' situations, and that physical damage is unachievable.

Submit http://printername/_ncl_items.shtml&SUBJECT=1

Select "Shutdown" option = "Emergency Power Off". 		

- Vulnerability information

551
Tektronix PhaserLink Multiple Admin Page Unauthenticated Configuration Manipulation
Remote / Network Access Authentication Management, Denial of Service
Loss of Integrity, Loss of Availability Workaround
Exploit Public Third-party Verified

- Vulnerability description

The '_ncl_items.shtml' and '_ncl_subjects.shtml' pages were identified on the host's web server. These pages are usually found on the built-in administrative web interface of Tektronix printers and allow an attacker to reconfigure the printer without administrative authorization. The most notable reconfiguration would be to change the network settings or turn the printer off, causing a denial of service.

- Timeline

1999-11-16 Unknown
Unknown Unknown

- Solution

Disabling the web interface may not be possible on all models and versions of Tektronix printers. The recommended solution is to limit printer access to trusted/protected networks, and to use a unique printer administrative password (to avoid possible password reuse if the password is compromised).

- Related references

- Vulnerability author

Unknown or Incomplete

- Vulnerability information

Tektronix Phaser Network Printer Administration Interface Vulnerability
Origin Validation Error 2659
Yes No
2001-04-25 12:00:00 2009-07-11 06:06:00
Reported to bugtraq by Ltlw0lf <ltlw0lf@nospam.home.com> on April 25, 2001.

- Affected program versions

Tektronix Phaser Network Printer 930
Tektronix Phaser Network Printer 850
Tektronix Phaser Network Printer 750DP
Tektronix Phaser Network Printer 750
Tektronix Phaser Network Printer 740

- Vulnerability discussion

A remote vulnerability exists in Tektronix Phaser network printers in the 7xx, 8xx, and 9xx series.

An attacker with access to the printer's local network (or, if no firewall is in place, any attacker) can reach the printer's admin interface, supported by the inbuilt Tektronix PhaserLink webserver.

No authentication is applied to this connection. Arbitrary pages inside the printer's administration interface may be accessed by specifying the desired page in a querystring submitted to the PhaserLink webserver.

No password or other authentication method prevents arbitrary users from making use of this interface.

Using this method, an attacker can activate the printer's 'Emergency Power Off' feature.

This can lead to improper cooling of the ink/crayon reservoir, physically damaging the device.

* The vendor has reported that the printer properly handles 'Emergency Power Off' situations, and that physical damage is unachievable.

- Exploit

Submit http://printername/_ncl_items.shtml&SUBJECT=1

Select "Shutdown" option = "Emergency Power Off".

- Solution

Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- Related references
