Vulnerability Note VU#737740
Fiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier use a vulnerable version of OpenSSL
Fiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier use a vulnerable version of OpenSSL (0.9.8o).
Fiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier uses OpenSSL for SSL/TLS encryption. The version of OpenSSL that comes with the Fiery Network Controllers for Xerox DocuColor 242/252/260 Printer/Copier is 0.9.8o that is out of date and known to be vulnerable.
A remote attacker may be able to cause a denial of service or possibly run arbitrary code.
Apply an Update
Apply patch 1-1IJ6ZK. The patch will upgrade OpenSSL to version 0.9.8x. Patch 1-1IJ6ZK can be obtained from Xerox tech support.
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|EFI||Affected||18 Dec 2012||18 Mar 2013|
CVSS Metrics (Learn More)
Thanks to Curtis Rhodes for reporting this vulnerability.
This document was written by Jared Allar.
- CVE IDs: CVE-2013-0169 CVE-2013-0166 CVE-2012-2333 CVE-2012-0884 CVE-2011-4619 CVE-2011-4577 CVE-2011-4576 CVE-2011-4109 CVE-2011-4108 CVE-2010-4180 CVE-2010-3864
- Date Public: 18 Mar 2013
- Date First Published: 18 Mar 2013
- Date Last Updated: 02 May 2013
- Document Revision: 29
If you have feedback, comments, or additional information about this vulnerability, please send us email.