Vulnerability Description
The default configuration of Xerox DocuTech 6110 and DocuTech 6115 exports certain NFS shares to the world with world writable permissions, which may allow remote attackers to modify sensitive files.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xerox | Docutech 6110 | All versions |
| Xerox | Docutech 6115 | All versions |
References
- http://online.securityfocus.com/archive/1/273029
- http://online.securityfocus.com/archive/1/273089
- http://totally.righteous.net/jedgar/overview_of_security.pdf
- http://www.iss.net/security_center/static/9108.php
- http://www.securityfocus.com/bid/4765
- http://online.securityfocus.com/archive/1/273029
- http://online.securityfocus.com/archive/1/273089
- http://totally.righteous.net/jedgar/overview_of_security.pdf
- http://www.iss.net/security_center/static/9108.php
- http://www.securityfocus.com/bid/4765
FAQ
What is CVE-2002-1836?
CVE-2002-1836 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The default configuration of Xerox DocuTech 6110 and DocuTech 6115 exports certain NFS shares to the world with world writable permissions, which may allow remote attackers to modify sensitive files.
How severe is CVE-2002-1836?
CVE-2002-1836 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1836?
Check the references section above for vendor advisories and patch information. Affected products include: Xerox Docutech 6110, Xerox Docutech 6115.