CVE-2006-6434
https://notcve.org/view.php?id=CVE-2006-6434
Unspecified vulnerability in the Web User Interface in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 allows remote attackers to bypass authentication controls via unknown vectors. Vulnerabilidad no especificada en Web User Interface en Xerox WorkCentre y WorkCentre Pro anterior 12.050.03.000, 13.x anterior 13.050.03.000, y 14.x anterior 14.050.03.000 permite a un atacante remoto evitar los controles de validación a través de vectores desconocidos. • http://secunia.com/advisories/23265 http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf •
CVE-2006-6438
https://notcve.org/view.php?id=CVE-2006-6438
Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 leaves sensitive user data in http.log after an Immediate Image Overwrite (IIO), which allows local users to obtain the data by reading the http.log file. Xerox WorkCentre y WorkCentre Pro anterior 12.050.03.000, 13.x anterior 13.050.03.000, y 14.x anterior 14.050.03.000 deja datos de usuario en http.log después de un Immediate Image Overwrite (IIO), lo cual permite a un usuario local obtener datos a través de la lectura del fichero http.log • http://secunia.com/advisories/23265 http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf •
CVE-2006-5290
https://notcve.org/view.php?id=CVE-2006-5290
The ESS/ Network Controller and MicroServer Web Server components of Xerox WorkCentre and WorkCentre Pro 232, 238, 245, 255, 265 and 275 allow remote attackers to bypass authentication and execute arbitrary code via "WebUI command injection on TCP/IP hostname." Los componentes ESS/ Network Controller y MicroServer Web Server de Xerox WorkCentre y WorkCentre Pro 232, 238, 245, 255, 265 y 275 permiten a un atacante remoto evitar la validación y ejecutar código de su elección a través de "comando de inyección WebUI sobre el TCP/IP del nomber del host". • http://secunia.com/advisories/22252 http://securitytracker.com/id?1016981 http://www.securityfocus.com/bid/20334/info http://www.vupen.com/english/advisories/2006/3921 http://www.xerox.com/downloads/usa/en/c/cert_XRX06_005.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/29357 •
CVE-2006-0828
https://notcve.org/view.php?id=CVE-2006-0828
Unspecified vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers to "reduce effectiveness of security features" via unknown attack vectors. • http://secunia.com/advisories/18952 http://securitytracker.com/id?1015648 http://www.vupen.com/english/advisories/2006/0668 http://www.xerox.com/downloads/usa/en/c/cert_XRX06_001.pdf •
CVE-2006-0826
https://notcve.org/view.php?id=CVE-2006-0826
Unspecified vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers to cause a denial of service via a crafted Postscript request. • http://secunia.com/advisories/18952 http://securitytracker.com/id?1015648 http://www.securityfocus.com/bid/16723 http://www.vupen.com/english/advisories/2006/0668 http://www.xerox.com/downloads/usa/en/c/cert_XRX06_001.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/24805 •