CVE-2006-6435 — HIGH (7.5) — White Hats Nepal

Vulnerability Description

The SNMP implementation in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 does not generate authentication failure traps, which allows remote attackers to more easily gain system access and obtain sensitive information via a brute force attack.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Xerox	Workcentre	12.060.17.000

References

http://secunia.com/advisories/23265Vendor Advisory
http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdfPatch
http://secunia.com/advisories/23265Vendor Advisory
http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdfPatch

FAQ

What is CVE-2006-6435?

CVE-2006-6435 is a vulnerability with a CVSS score of 7.5 (HIGH). The SNMP implementation in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 does not generate authentication failure traps, which allo...

How severe is CVE-2006-6435?

CVE-2006-6435 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-6435?

Check the references section above for vendor advisories and patch information. Affected products include: Xerox Workcentre.