Users login

Create an account »


Users login

Home » Hacking News » Castelle Faxpress Plaintext Password Disclosure Vulnerability

Castelle Faxpress Plaintext Password Disclosure Vulnerability

by Nikola Strahija on February 7th, 2002 When a network print job is submitted with an incorrect password, the FaxPress notice system is used to send an error message back to the client. This message includes the submitted username and password in plaintext, possibly leading to the disclosure of sensitive information.

Castelle FaxPress is an integrated solution for a network fax environment. FaxPress is a hardware and software server providing fax functionality, and is designed to integrate with Microsoft Windows, Novell NetWare, and Linux based systems.

No exploit code is required.

Vulnerable: Castelle FaxPress Software 6.3

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »