Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Xerox security vulnerability

Xerox security vulnerability

by Ivana Strahija on August 5th, 2006 With external appliances getting more sophisticated, it was only a matter of time when someone would use a printer to get to the sensitive network information.


Brendan O'Connor, a security researcher, was able to use Xerox WorkCenter printer's security hole to run software of his liking, sniff out network traffic and access all the information that was printed out on these printers.

O'Connor, speaking at the Black Hat conference, said that he wasn't aiming at Xerox on purpose, but wanted to show how easy it is to forget to protect printers too: -This is a Linux server wrapped in a copier box. These things are all over the enterprise, O'Connor said.

Although Xerox indeed did issue a patch for this specific vulnerability, it was a rather sloppy job, so that the vulnerability is still exploitable. After this disclosure at the Black Hat, the Xerox security experts are working on producing a more suitable patch.

The only problem is, as far as Xerox is concerned, getting the patch to its customers. Although patches for Xerox products can be downloaded from the company's website and the servicing staff also has them, people rarely check out for these thing on themselves. So, Xerox announced a Microsoft-like patch bundle being distributed to its clients in short time.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »