Vulnerability Description
The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, does not properly perform authentication for HTTP requests, which allows remote attackers to modify system configuration via crafted requests, including changing the administrator password or causing a denial of service to the print server.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dell | 3000Cn | All versions |
| Dell | 3010Cn | All versions |
| Dell | 3100Cn | All versions |
| Dell | 3110Cn | All versions |
| Dell | 5100Cn | All versions |
| Dell | 5110Cn | All versions |
| Fuji Xerox | Docuprint 181 | All versions |
| Fuji Xerox | Docuprint 181 Network Option Card | All versions |
| Fuji Xerox | Docuprint 211 | All versions |
| Fuji Xerox | Docuprint 211 Network Option Card | All versions |
| Fuji Xerox | Docuprint C1616 | All versions |
| Fuji Xerox | Docuprint C1616 Network Option Card | All versions |
| Fuji Xerox | Docuprint C2535A | All versions |
| Fuji Xerox | Docuprint C525A | All versions |
| Fuji Xerox | Docuprint C525A Network Option Card | All versions |
| Fuji Xerox | Docuprint C830 | All versions |
| Fuji Xerox | Docuprint C830 Network Option Card | All versions |
| Fuji Xerox | Fuji Xerox Printing Systems Print Engine | All versions |
| Fuji Xerox | Phaser 6201J | All versions |
Related Weaknesses (CWE)
References
- http://itso.iu.edu/20060824_FXPS_Print_Engine_VulnerabilitiesPatch
- http://marc.info/?l=bugtraq&m=115652437223454&w=2
- http://secunia.com/advisories/21630
- http://secunia.com/advisories/22463Vendor Advisory
- http://www.osvdb.org/28250
- http://www.securityfocus.com/archive/1/444321/100/0/threaded
- http://www.securityfocus.com/bid/19716
- http://www.vupen.com/english/advisories/2006/3401Vendor Advisory
- http://itso.iu.edu/20060824_FXPS_Print_Engine_VulnerabilitiesPatch
- http://marc.info/?l=bugtraq&m=115652437223454&w=2
- http://secunia.com/advisories/21630
- http://secunia.com/advisories/22463Vendor Advisory
- http://www.osvdb.org/28250
- http://www.securityfocus.com/archive/1/444321/100/0/threaded
- http://www.securityfocus.com/bid/19716
FAQ
What is CVE-2006-2113?
CVE-2006-2113 is a vulnerability with a CVSS score of 6.4 (MEDIUM). The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Netw...
How severe is CVE-2006-2113?
CVE-2006-2113 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-2113?
Check the references section above for vendor advisories and patch information. Affected products include: Dell 3000Cn, Dell 3010Cn, Dell 3100Cn, Dell 3110Cn, Dell 5100Cn.