Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2006-2112

Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, allows remote attackers to use the FTP printing interface as a proxy ("FTP bounce") by using arbitrary PORT arguments to connect to systems for which access would be otherwise restricted.

Published

2006-08-25T01:04:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

6.4

Weaknesses

Type: Primary
CWE-264

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Hardware	dell	3000cn	*	Yes
Hardware	dell	3010cn	*	Yes
Hardware	dell	3100cn	*	Yes
Hardware	dell	3110cn	*	Yes
Hardware	dell	5100cn	*	Yes
Hardware	dell	5110cn	*	Yes
Hardware	fuji_xerox	docuprint_181	*	Yes
Hardware	fuji_xerox	docuprint_181_network_option_card	*	Yes
Hardware	fuji_xerox	docuprint_211	*	Yes
Hardware	fuji_xerox	docuprint_211_network_option_card	*	Yes
Hardware	fuji_xerox	docuprint_c1616	*	Yes
Hardware	fuji_xerox	docuprint_c1616_network_option_card	*	Yes
Hardware	fuji_xerox	docuprint_c2535a	*	Yes
Hardware	fuji_xerox	docuprint_c525a	*	Yes
Hardware	fuji_xerox	docuprint_c525a_network_option_card	*	Yes
Hardware	fuji_xerox	docuprint_c830	*	Yes
Hardware	fuji_xerox	docuprint_c830_network_option_card	*	Yes
Hardware	fuji_xerox	fuji_xerox_printing_systems_print_engine	*	Yes
Hardware	fuji_xerox	phaser_6201j	*	Yes

References

http://itso.iu.edu/20060824_FXPS_Print_Engine_Vulnerabilities Patch ([email protected])
http://marc.info/?l=bugtraq&m=115652437223454&w=2 ([email protected])
http://secunia.com/advisories/21630 Vendor Advisory ([email protected])
http://secunia.com/advisories/22463 Vendor Advisory ([email protected])
http://www.osvdb.org/28249 ([email protected])
http://www.securityfocus.com/archive/1/444321/100/0/threaded ([email protected])
http://www.securityfocus.com/bid/19711 ([email protected])
http://www.vupen.com/english/advisories/2006/3401 Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/28637 ([email protected])
http://itso.iu.edu/20060824_FXPS_Print_Engine_Vulnerabilities Patch (af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=115652437223454&w=2 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/21630 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/22463 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/28249 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/444321/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/19711 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/3401 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/28637 (af854a3a-2127-422b-91ae-364da2661108)