Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Security bug in Xerox Document Centre

From: K.Schleede <USA.DSSC.Doc.Feedback () xerox com>
Date: 16 Jan 2004 15:34:49 -0000
In-Reply-To: <20031220000206.17997.qmail () sf-www1-symnsj securityfocus com>

Thank you, Mr. Gutierrez and Mr. Pierce, for finding and pointing out the HTTP web page security vulnerability. 
(Originally posted, 19 December 2003.)

The Office Group, worldwide has developed action plans that seem to be most appropriate to address the recently 
discovered security vulnerability issue on Document Centre and WorkCentre / WorkCentre Pro products. Most of these 
products have patches available today, the rest will have them as soon as they can be finished.

For customers concerned about hackers attempting to access Document Centre / WorkCentre Pro (connected) products, a 
"patch" has been (or will be) created to eliminate this vulnerability.  Each family of products has/will have a patch 
customized for that family.   The patches can be installed by the customer's IT department or SA.
------------------------------------------------------------------------
Each customer who would like to have one or more of these patches should contact their support organization.  
------------------------------------------------------------------------
The support group will help them determine which patches they need and ensure the customer gets the patches and 
instructions to install them.  Please contact your typical support organization via phone.  The correct phone number 
for your country can be found at www.xerox.com. (Choose your region from the very top pull-down box.)

Xerox development teams take any security issue extremely seriously and are firmly committed to resolving them as soon 
as possible in order to continue to provide our customers with the most dependable network security available.

Other security information about Xerox products is available at www.xerox.com/security.

Please consult the bulletin "Xerox MicroServer Web Server Vulnerability: Xerox Security Bulletin XRX04-001"  located at 
that site for instructions on how to obtain a patch for your product.

Security issues in Xerox products can be reported to Xerox via your normal support organization (preferred) or the 
email address: USA.DSSC.Doc.Feedback () mc usa xerox com.

Thank you for your patience while we worked to resolve this problem!
Previous By Date Next
Previous By Thread Next

Current thread: