The Toshiba eStudio multifunction printer suffers from an information leakage vulnerability as passwords can be extracted in plaintext from the html source code of various configuration pages.
5734383d4ee705db601bc8d3d5e3c2dd43c7d59704ae77a50bf1ce5366dd57bc============================================================================
Foofus.net Security Advisory: foofus-20111026
============================================================================
Title: Toshiba eStudio Multifunction Printer Information Leakage
Version: e-Studio series devices
Vendor: Toshiba
Release Date: 01/29/2011
Update Date: 10/26/2011
============================================================================
1. Summary:
Toshiba e-Studio devices found to be vulnerable to an information leakage
vulnerability.
============================================================================
2. Description:
Passwords can be extracted in plan text from html source code of various configuration
pages.
Example:
http://IP Address/TopAccess//Administrator/Setup/ScanToFile/List.htm
<td class="clsTableElement" nowrap"">
Password
<input ID="Password3" type="password" value="Plan text password" onfocus="
if (this.disable) this.blur();" maxlength="32"
============================================================================
3. Impact:
Exploiting this allows an adversary to extract passwords that can be used to gain
access to file servers, LDAP system, or other critical systems.
============================================================================
4. Affected Products:
All e-Studio devices tested against have been found to be vulnerable as of
July 2011.
Validation of specific firmware versions have not been conducted on a number
of systems. This is due to limited access to devices
Confirmed devices:
e-STUDIO305
e-STUDIO455
e-STUDIO600
e-STUDIO603
Confirmed devices and firmware version:
e-STUDIO3510c firmware version T380SY0J040
e-STUDIO281c firmware version T410SY0T233
============================================================================
5. Solution:
Contact vendor and request firmware upgrade to patch security issue.
============================================================================
6) Time Table:
01/29/2011 Reported Vulnerability.
10/27/2011 Publishes Advisory
============================================================================
7) Credits: Discovered by Deral Heiland PercX
============================================================================
8. Reference:
http://praeda.foofus.net
http://www.foofus.net/?page_id=457
============================================================================
The Foofus.Net team is an assortment of security professionals located
through out the United States. http://www.foofus.net
Follow percX on Twitter @Percent_X
============================================================================
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed