lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <1319690255.82406.YahooMailClassic@web2819.biz.mail.ne1.yahoo.com>
Date: Wed, 26 Oct 2011 21:37:35 -0700 (PDT)
From: dh@...ereddefense.com
To: full-disclosure@...ts.grok.org.uk
Subject: foofus.net security advisory - Toshiba eStudio
	Multifunction Printer Information Leakage

============================================================================
Foofus.net Security Advisory: foofus-20111026
============================================================================
Title:        Toshiba eStudio Multifunction Printer Information Leakage
Version:      e-Studio series devices
Vendor:       Toshiba
Release Date: 01/29/2011
Update Date:  10/26/2011
============================================================================

1. Summary:

Toshiba e-Studio devices found to be vulnerable to an information leakage 
vulnerability. 

============================================================================

2. Description:

Passwords can be extracted in plan text from html source code of various configuration 
pages.

Example:
http://IP Address/TopAccess//Administrator/Setup/ScanToFile/List.htm

<td class="clsTableElement" nowrap"">
   Password
    <input ID="Password3" type="password" value="Plan text password" onfocus="
     if (this.disable) this.blur();" maxlength="32"

============================================================================

3. Impact:

Exploiting this allows an adversary to extract passwords that can be used to gain 
access to file servers, LDAP system, or other critical systems.

============================================================================

4. Affected Products:

All e-Studio devices tested against have been found to be vulnerable as of
July 2011.

Validation of specific firmware versions have not been conducted on a number
of systems. This is due to limited access to devices

Confirmed devices:

e-STUDIO305
e-STUDIO455
e-STUDIO600
e-STUDIO603

Confirmed devices and firmware version:
e-STUDIO3510c     firmware version T380SY0J040
e-STUDIO281c       firmware version T410SY0T233


============================================================================

5. Solution:

   Contact vendor and request firmware upgrade to patch security issue.

============================================================================

6) Time Table:

01/29/2011 Reported Vulnerability.

10/27/2011 Publishes Advisory

============================================================================

7) Credits: Discovered by Deral Heiland PercX

============================================================================

8. Reference:
   http://praeda.foofus.net
   http://www.foofus.net/?page_id=457


============================================================================

The Foofus.Net team is an assortment of security professionals located
through out the United States. http://www.foofus.net

Follow percX on Twitter @Percent_X

============================================================================

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ