CVE-2006-6472

The httpd.conf file in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 configures port 443 to be always active, which has unknown impact and remote attack vectors.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/23265	Patch Vendor Advisory
http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:xerox:workcentre::::::::
	cpe:2.3:h:xerox:workcentre:::pro:::::*
	cpe:2.3:h:xerox:workcentre::::::::
	cpe:2.3:h:xerox:workcentre:::pro:::::*

History

No history.

Information

Published : 2006-12-11 18:28

Updated : 2023-12-10 10:40

NVD link : CVE-2006-6472

Mitre link : CVE-2006-6472

CVE.ORG link : CVE-2006-6472

JSON object : View

Products Affected

xerox

workcentre

CWE

NVD-CWE-Other

{"id": "CVE-2006-6472", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-12-11T18:28:00.000", "references": [{"url": "http://secunia.com/advisories/23265", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The httpd.conf file in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 configures port 443 to be always active, which has unknown impact and remote attack vectors."}, {"lang": "es", "value": "El fichero httpd.conf en Xerox WorkCentre y WorkCentre Pro anterior a 12.050.03.000, 13.x anterior a 13.050.03.000, y 14.x anterior a 14.050.03.000 configura el puerto 443 para estar siempre activo, lo cual tiene impacto y vectores de ataque remotos desconocidos."}], "lastModified": "2008-09-05T21:14:49.753", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:xerox:workcentre:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FC791FD-B20C-4428-82A0-0E8174B8AB03", "versionEndIncluding": "13.050.02.000"}, {"criteria": "cpe:2.3:h:xerox:workcentre:*:*:pro:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "628B8A80-E06B-4C8A-BC89-AAF760F28B89", "versionEndIncluding": "13.050.02.000"}, {"criteria": "cpe:2.3:h:xerox:workcentre:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9562CF49-A540-4EA5-9120-B7DC007ED78C", "versionEndIncluding": "14.050.02.000"}, {"criteria": "cpe:2.3:h:xerox:workcentre:*:*:pro:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F7027CD-45A4-4759-AAA4-6B069DD2ED38", "versionEndIncluding": "14.050.02.000"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}