CVE-2006-2113
CVSS 6.4
Published: 2006-08-24 21:04:00
Revised: 2016-10-17 23:39:40

[Original text] The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, does not properly perform authentication for HTTP requests, which allows remote attackers to modify system configuration via crafted requests, including changing the administrator password or causing a denial of service to the print server.


[CNNVD] Fuji Xerox Printing Systems Embedded HTTP Server Multiple Vulnerabilities (CNNVD-200608-400)

        The embedded HTTP server in the Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, does not properly authenticate HTTP requests. A remote attacker can use crafted requests to modify the system configuration, including changing the administrator password or causing a denial of service on the print server.

- CVSS (base score)

CVSS score: 6.4 [MEDIUM]
Confidentiality impact: [--]
Integrity impact: [--]
Availability impact: [--]
Attack complexity: [--]
Attack vector: [--]
Authentication: [--]

- CWE (weakness category)

CWE-287 [Improper Authentication]

- CPE (affected platforms and products)

cpe:/h:fuji_xerox:phaser_6201j
cpe:/h:fuji_xerox:docuprint_c525a_network_option_card
cpe:/h:fuji_xerox:docuprint_181
cpe:/h:dell:5110cn    Dell 5110cn
cpe:/h:dell:5100cn    Dell 5100cn
cpe:/h:fuji_xerox:docuprint_c525a
cpe:/h:dell:3110cn    Dell 3110cn
cpe:/h:fuji_xerox:docuprint_211
cpe:/h:fuji_xerox:docuprint_211_network_option_card
cpe:/h:fuji_xerox:docuprint_c1616_network_option_card
cpe:/h:dell:3100cn    Dell 3100cn
cpe:/h:fuji_xerox:docuprint_c2535a
cpe:/h:dell:3010cn    Dell 3010cn
cpe:/h:fuji_xerox:fuji_xerox_printing_systems_print_engine
cpe:/h:fuji_xerox:docuprint_c1616
cpe:/h:dell:3000cn    Dell 3000cn
cpe:/h:fuji_xerox:docuprint_181_network_option_card
cpe:/h:fuji_xerox:docuprint_c830_network_option_card
cpe:/h:fuji_xerox:docuprint_c830

- OVAL (technical details for detection)

No related OVAL definitions found

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2113
(official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2113
(official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200608-400
(official data source) CNNVD

- Other links and resources

http://itso.iu.edu/20060824_FXPS_Print_Engine_Vulnerabilities
(PATCH)  MISC  http://itso.iu.edu/20060824_FXPS_Print_Engine_Vulnerabilities
http://marc.info/?l=bugtraq&m=115652437223454&w=2
(UNKNOWN)  BUGTRAQ  20060825 Indiana University Security Advisory: Fuji Xerox Printing Systems (FXPS) print engine vulnerabilities
http://www.securityfocus.com/archive/1/archive/1/444321/100/0/threaded
(UNKNOWN)  BUGTRAQ  20060825 Indiana University Security Advisory: Fuji Xerox Printing Systems (FXPS) print engine vulnerabilities
http://www.securityfocus.com/bid/19716
(UNKNOWN)  BID  19716
http://www.vupen.com/english/advisories/2006/3401
(VENDOR_ADVISORY)  VUPEN  ADV-2006-3401

- Vulnerability information

Fuji Xerox Printing Systems Embedded HTTP Server Multiple Vulnerabilities
Medium risk  Input validation
2006-08-24 00:00:00 2006-10-30 00:00:00
Remote
        The embedded HTTP server in the Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, does not properly authenticate HTTP requests. A remote attacker can use crafted requests to modify the system configuration, including changing the administrator password or causing a denial of service on the print server.

- Advisories and patches

        The vendor has released firmware updates that fix this security issue; download links:
        Fuji Xerox Printing Systems Co. DocuPrint C830 0
        Fuji Xerox Printing Systems Co. C83F0607.EXE
        http://download.fujixerox.co.jp/docuprint_c/download/830/fw.html
        Fuji Xerox Printing Systems Co. Phaser 6201J 0
        Fuji Xerox Printing Systems Co. 6201N513.EXE
        http://www.fxpsc.co.jp/download/fw/fw_6201.html
        Fuji Xerox Printing Systems Co. DocuPrint C525A Network Option Card 0
        Fuji Xerox Printing Systems Co. N5250817.EXE
        http://download.fujixerox.co.jp/docuprint_c/download/525a/nic_fw.html
        Fuji Xerox Printing Systems Co. DocuPrint C1616 0
        Fuji Xerox Printing Systems Co. C16F0607.EXE
        http://download.fujixerox.co.jp/docuprint_c/download/1616/fw.html
        Fuji Xerox Printing Systems Co. DocuPrint 181 0
        Fuji Xerox Printing Systems Co. 181F0607.EXE
        http://download.fujixerox.co.jp/docuprint/download/211series/181_firm.html
        Fuji Xerox Printing Systems Co. DocuPrint C525A 0
        Fuji Xerox Printing Systems Co. C5250614.EXE
        http://download.fujixerox.co.jp/docuprint_c/download/525a/fw.html
        Fuji Xerox Printing Systems Co. DocuPrint 211 0
        Fuji Xerox Printing Systems Co. 211F0607.EXE
        http://download.fujixerox.co.jp/docuprint/download/211series/211_firm.html
        Fuji Xerox Printing Systems Co. DocuPrint C830 Network Option Card 0
        Fuji Xerox Printing Systems Co. C83N513.EXE
        http://download.fujixerox.co.jp/docuprint_c/download/830/nic_fw.html
        

- Vulnerability information (F49473)

fuji-xerox.txt (PacketStormID:F49473)
2006-08-28 00:00:00

advisory,web,vulnerability
CVE-2006-2112,CVE-2006-2113

Indiana University Security Advisory - The Fuji Xerox Printing Systems print engine suffers from multiple vulnerabilities. An FTP bounce attack is possible when FTP printing is enabled. The embedded HTTP server allows unauthenticated access to system configuration and settings.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Indiana University Security Advisory: 
Fuji Xerox Printing Systems (FXPS)[1] print engine vulnerabilities

Advisory ID:
20060824_FXPS_Print_Engine_Vulnerabilities[2]

Revisions:
08-24-2006 2350 UTC	1.0	Initial Public Release

Issues:
FTP bounce attack is possible when FTP printing is enabled
(CVE-2006-2112)[3]

Embedded HTTP server allows unauthenticated access to system
configuration and settings (CVE-2006-2113)[4]

Credit/acknowledgement:
CVE-2006-2112
Date of discovery: 04-11-2006
Nate Johnson, Lead Security Engineer, Indiana University
Sean Krulewitch, Deputy IT Security Officer, Indiana University

CVE-2006-2113
Date of discovery: 04-11-2006
Sean Krulewitch, Deputy IT Security Officer, Indiana University

Summary:
Certain FXPS print engines contain vulnerabilities that allow a remote
attacker to perform FTP bounce attacks through the FTP printing
interface or allow unauthenticated access to the embedded HTTP remote
user interface.  The first vulnerability is due to a failure to restrict
the connections made by the FTP PORT command.  This allows an attacker
to cause the FTP server to make arbitrary connections to ports on
another system, which can be used to bypass access controls and hide
the true identity of the source of the attacker's traffic.  The second
vulnerability is due to a failure to properly authenticate HTTP
requests.  Specially constructed HTTP requests allow an attacker to make
unauthorized changes to system configuration and settings, and can also
be used to cause a denial of service against a vulnerable print server.
A successful attacker would be able to reset the administrator password
but would not be capable of exposing the current password.

Mitigation/workarounds:
Disabling FTP printing prevents the FTP bounce attack.  Disabling the
embedded web server prevents the DoS/unauthorized configuration change
attack.  Best practice suggests that access controls and network
firewall policies be put into place to only allow connections from
trusted machines and networks.

Criticality:
These vulnerabilities have a combined risk of moderately critical.

Products affected:
Dell 5110cn, firmware versions less than A01 [5]
Dell 3110cn, firmware versions less than A01 [6]
Dell 3010cn, firmware versions less than A01 [7]
Dell 5100cn, firmware versions less than A05 [8]
Dell 3100cn, firmware versions less than A05 [9]
Dell 3000cn, firmware versions less than A05 [10]
Other OEM products using the affected FXPS print engine

Recommended steps:
Apply vendor patches and disable remote protocols that are not
necessary.  

Footnotes:
[1]	http://www.fxpsc.co.jp/en/
[2]	https://itso.iu.edu/20060824_FXPS_Print_Engine_Vulnerabilities
[3]	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2112
[4]	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2113
[5]	http://ftp.us.dell.com/printer/R130538.EXE
[6]	http://ftp.us.dell.com/printer/R130356.EXE
[7]	http://ftp.us.dell.com/printer/R132075.EXE
[8]	http://ftp.us.dell.com/printer/R132718.EXE
[9]	http://ftp.us.dell.com/printer/R132079.EXE
[10]	http://ftp.us.dell.com/printer/R132368.EXE

All contents are Copyright 2006 The Trustees of Indiana University. All
rights reserved.

- -- 
Sean Krulewitch, Deputy IT Security Officer
IT Security Office, Office of the VP for Information Technology
Indiana University
For PGP Key or S/MIME cert:  https://www.itso.iu.edu/Sean_Krulewitch

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.6 (Build 6060)

iQA/AwUBRO46FTOEdAVfeKEbEQKc+ACeNvyfI5+GXspTdx32rSxH+WHfXW8AoKPe
AJYb0WM59jddPs4cSXaZOyQq
=Y7Kv
-----END PGP SIGNATURE-----
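The advisory's first issue (CVE-2006-2112) comes down to one missing server-side check: the FTP server honoured a PORT command whose address was not the client that sent it. The following Python is an added example, not code from the advisory or from the FXPS firmware, showing the check a print server's FTP front end should make before opening a data connection. It implements the two tests RFC 2577 recommends against bounce attacks (the PORT target must be the control-connection peer, and the target port must be unprivileged) and runs them over a constructed sample of control-channel commands; the addresses and commands in SAMPLE_SESSION are made up for the demonstration.

```python
import ipaddress
import re

# RFC 959 PORT argument form: h1,h2,h3,h4,p1,p2 (four address octets, two port bytes)
PORT_RE = re.compile(r"^(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})$")


def parse_port_argument(arg):
    """Parse a PORT argument into (IPv4Address, port); raise ValueError if malformed."""
    m = PORT_RE.match(arg.strip())
    if not m:
        raise ValueError("malformed PORT argument")
    fields = [int(x) for x in m.groups()]
    if any(f > 255 for f in fields):
        raise ValueError("PORT field out of range")
    ip = ipaddress.IPv4Address(".".join(str(f) for f in fields[:4]))
    port = fields[4] * 256 + fields[5]
    return ip, port


def port_command_allowed(arg, control_peer, min_port=1024):
    """Return (allowed, reason) for a PORT command received from control_peer.

    Policy (RFC 2577, section 3): the data connection may only go back to the
    host that owns the control connection, and only to a non-privileged port,
    so the server cannot be used as a relay to reach third-party services.
    """
    try:
        ip, port = parse_port_argument(arg)
    except ValueError as exc:
        return False, str(exc)
    if ip != ipaddress.IPv4Address(control_peer):
        return False, "target %s is not the control-connection peer %s" % (ip, control_peer)
    if port < min_port:
        return False, "target port %d is below %d" % (port, min_port)
    return True, "ok"


# Constructed sample: (peer address of the control connection, command line received)
SAMPLE_SESSION = [
    ("192.0.2.10", "PORT 192,0,2,10,4,1"),     # legitimate: same host, port 1025
    ("192.0.2.10", "PORT 198,51,100,7,0,25"),  # bounce attempt: third host, port 25
    ("192.0.2.10", "PORT 192,0,2,10,0,80"),    # same host but privileged port 80
    ("192.0.2.10", "PORT 192,0,2"),            # malformed argument
]


def audit_session(session):
    """Return the (allowed, reason) verdict for every PORT command in a session list."""
    verdicts = []
    for peer, line in session:
        verb, _, arg = line.partition(" ")
        if verb.upper() != "PORT":
            continue
        verdicts.append(port_command_allowed(arg, peer))
    return verdicts


if __name__ == "__main__":
    for (peer, line), (ok, why) in zip(SAMPLE_SESSION, audit_session(SAMPLE_SESSION)):
        print("%-28s %s %s" % (line, "ALLOW" if ok else "DENY ", why))
```

The same two predicates work as a detection rule when applied to an FTP server's command log: any PORT whose address differs from the session's peer, or whose port is below 1024, is worth an alert even if the server itself already refuses it.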
    

- Vulnerability information

28250
Fuji Xerox Printing Systems (FXPS) Print Engine Crafted Request HTTP Authentication Bypass
Remote / Network Access Denial of Service, Input Manipulation
Loss of Integrity, Loss of Availability
Exploit Unknown

- Vulnerability description

Fuji Xerox Printing Systems (FXPS) Print Engine contains a flaw that may allow bypassing certain security restrictions. The issue is triggered because the embedded HTTP server does not authenticate certain HTTP requests correctly. It is possible that the flaw may allow a malicious user to make unauthorized changes to the system configuration or to cause a denial of service resulting in a loss of integrity or availability.

- Timeline

2006-08-24 Unknown
Unknown Unknown

- Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Dell has released a patch to address this vulnerability.

- Vulnerability information

Fuji Xerox Printing Systems Embedded HTTP Server Multiple Vulnerabilities
Input Validation Error 19716
Yes No
2006-08-25 12:00:00 2006-10-13 09:49:00
Sean Krulewitch is credited with the discovery of these vulnerabilities.

- Affected program versions

Fuji Xerox Printing Systems Co. Phaser 6201J 0
Fuji Xerox Printing Systems Co. FXPS Print Engine (OEM) 0
Fuji Xerox Printing Systems Co. DocuPrint C830 Network Option Card 0
Fuji Xerox Printing Systems Co. DocuPrint C830 0
Fuji Xerox Printing Systems Co. DocuPrint C525A Network Option Card 0
Fuji Xerox Printing Systems Co. DocuPrint C525A 0
Fuji Xerox Printing Systems Co. DocuPrint C2535A 0
Fuji Xerox Printing Systems Co. DocuPrint C1616 Network Option Card 0
Fuji Xerox Printing Systems Co. DocuPrint C1616 0
Fuji Xerox Printing Systems Co. DocuPrint 211 Network Option Card 0
Fuji Xerox Printing Systems Co. DocuPrint 211 0
Fuji Xerox Printing Systems Co. DocuPrint 181 Network Option Card 0
Fuji Xerox Printing Systems Co. DocuPrint 181 0
Dell 5110cn 0
Dell 5100cn 0
Dell 3110cn 0
Dell 3100cn 0
Dell 3010cn 0
Dell 3000cn 0
Fuji Xerox Printing Systems Co. Phaser 6201J 5.13
Fuji Xerox Printing Systems Co. DocuPrint C830 Network Option Card 5.13
Fuji Xerox Printing Systems Co. DocuPrint C525A Network Option Card 8.17
Fuji Xerox Printing Systems Co. DocuPrint C1616 Network Option Card 5.13
Fuji Xerox Printing Systems Co. DocuPrint 211 Network Option Card 5.13
Fuji Xerox Printing Systems Co. DocuPrint 181 Network Option Card 5.13
Dell 5110cn A01
Dell 5100cn A05
Dell 3110cn A01
Dell 3100cn A05
Dell 3010cn A01
Dell 3000cn A05

- Unaffected program versions

Fuji Xerox Printing Systems Co. Phaser 6201J 5.13
Fuji Xerox Printing Systems Co. DocuPrint C830 Network Option Card 5.13
Fuji Xerox Printing Systems Co. DocuPrint C525A Network Option Card 8.17
Fuji Xerox Printing Systems Co. DocuPrint C1616 Network Option Card 5.13
Fuji Xerox Printing Systems Co. DocuPrint 211 Network Option Card 5.13
Fuji Xerox Printing Systems Co. DocuPrint 181 Network Option Card 5.13
Dell 5110cn A01
Dell 5100cn A05
Dell 3110cn A01
Dell 3100cn A05
Dell 3010cn A01
Dell 3000cn A05

- Vulnerability discussion

Fuji Xerox Printing Systems (FXPS) Embedded HTTP Server is prone to authentication-bypass and denial-of-service vulnerabilities. These issues occur because the application fails to properly validate HTTP requests.

An attacker can exploit these issues to bypass authentication and gain administrative access to the affected embedded application or to cause denial-of-service conditions. This may lead to other attacks.
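The flaw class behind CVE-2006-2113 (CWE-287) is an embedded web interface in which authentication is applied per page and a configuration-changing request slips through unauthenticated. The Python below is an added example, not code from the FXPS firmware or from any of the advisories on this page, and the route names (/status, /login, /admin/password) are hypothetical. It places the same unauthenticated password-change request in front of two request dispatchers: an opt-in design where each route must remember to ask for authentication, and a deny-by-default design where the dispatcher checks once and only an explicit allow-list of public routes skips the check. Passwords and session tokens are constructed sample values.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Request:
    method: str
    path: str
    session: Optional[str] = None           # session token from a cookie, if any
    form: dict = field(default_factory=dict)


@dataclass
class Device:
    admin_password: str = "initial"          # constructed sample value
    sessions: set = field(default_factory=set)


def status(device, req):
    return 200, "ready"


def login(device, req):
    # constant-time comparison; on success issue a fresh random session token
    if hmac.compare_digest(req.form.get("password", ""), device.admin_password):
        token = secrets.token_hex(16)
        device.sessions.add(token)
        return 200, token
    return 401, "bad password"


def set_admin_password(device, req):
    device.admin_password = req.form["new"]
    return 200, "password changed"


# Flawed layout: every route opts in to authentication individually, so a route
# the developer forgot to mark (here the hypothetical /admin/password) is
# reachable without a session. This is the shape of failure CWE-287 describes.
OPT_IN_ROUTES = {
    ("GET", "/status"): (status, False),
    ("POST", "/login"): (login, False),
    ("POST", "/admin/password"): (set_admin_password, False),  # should have been True
}


def dispatch_opt_in(device, req):
    entry = OPT_IN_ROUTES.get((req.method, req.path))
    if entry is None:
        return 404, "not found"
    handler, needs_auth = entry
    if needs_auth and req.session not in device.sessions:
        return 401, "authentication required"
    return handler(device, req)


# Hardened layout: deny by default. The dispatcher performs the check once, and
# only routes on the explicit PUBLIC allow-list skip it; a newly added route is
# protected unless someone deliberately lists it as public.
ROUTES = {
    ("GET", "/status"): status,
    ("POST", "/login"): login,
    ("POST", "/admin/password"): set_admin_password,
}
PUBLIC = {("GET", "/status"), ("POST", "/login")}


def dispatch_default_deny(device, req):
    key = (req.method, req.path)
    if key not in ROUTES:
        return 404, "not found"
    if key not in PUBLIC and req.session not in device.sessions:
        return 401, "authentication required"
    return ROUTES[key](device, req)


def demo():
    """Replay one unauthenticated password-change request against both dispatchers.

    Returns (status code, resulting password) for the opt-in dispatcher followed
    by the same pair for the deny-by-default dispatcher.
    """
    attempt = Request("POST", "/admin/password", None, {"new": "changed"})
    weak, hard = Device(), Device()
    weak_code, _ = dispatch_opt_in(weak, attempt)
    hard_code, _ = dispatch_default_deny(hard, attempt)
    return weak_code, weak.admin_password, hard_code, hard.admin_password


if __name__ == "__main__":
    print(demo())  # (200, 'changed', 401, 'initial')
```

The design point is where the check lives: a single gate in the dispatcher with a short public allow-list is auditable (the list is the complete set of unauthenticated endpoints), whereas per-route opt-in checks can only be verified by reading every handler, which is how a configuration endpoint ends up exposed.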

- Exploitation

Attackers can exploit this issue via a web client.

- Solution

The vendor has released updated firmware to address these issues.

Please see the references for more information.


Fuji Xerox Printing Systems Co. DocuPrint C830 0
Fuji Xerox Printing Systems Co. Phaser 6201J 0
Fuji Xerox Printing Systems Co. DocuPrint C525A Network Option Card 0
Fuji Xerox Printing Systems Co. DocuPrint C1616 0
Fuji Xerox Printing Systems Co. DocuPrint 181 0
Fuji Xerox Printing Systems Co. DocuPrint C525A 0
Fuji Xerox Printing Systems Co. DocuPrint 211 0
Fuji Xerox Printing Systems Co. DocuPrint C830 Network Option Card 0
