CVE-2006-2113

Dell 3000cn - Authentication Bypass

Title source: rule

Description

The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, does not properly perform authentication for HTTP requests, which allows remote attackers to modify system configuration via crafted requests, including changing the administrator password or causing a denial of service to the print server.

References (8)

[Patch] http://itso.iu.edu/20060824_FXPS_Print_Engine_Vulnerabilities

[Mailing List] http://marc.info/?l=bugtraq&m=115652437223454&w=2

[Vendor Advisory] http://secunia.com/advisories/22463

[Third Party Advisory, VDB Entry] http://www.osvdb.org/28250

[Vendor Advisory] http://www.vupen.com/english/advisories/2006/3401

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/444321/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/19716

[Third Party Advisory] http://secunia.com/advisories/21630

Scores

EPSS 0.0253

EPSS Percentile 85.3%

Classification

CWE

CWE-287

Status draft

Affected Products (19)

dell/3000cn

dell/3010cn

dell/3100cn

dell/3110cn

dell/5100cn

dell/5110cn

fuji_xerox/docuprint_181

fuji_xerox/docuprint_181_network_option_card

fuji_xerox/docuprint_211

fuji_xerox/docuprint_211_network_option_card

fuji_xerox/docuprint_c1616

fuji_xerox/docuprint_c1616_network_option_card

fuji_xerox/docuprint_c2535a

fuji_xerox/docuprint_c525a

fuji_xerox/docuprint_c525a_network_option_card

... and 4 more

Timeline

Published Aug 25, 2006

Tracked Since Feb 18, 2026