RSS Feed: Xerox Security Bulletins

Feed Content

Xerox Security Bulletin XRX11-004
Fri Oct 7 17:20:13 2011

A vulnerability exists that, if exploited, could allow remote attackers to bypass local authentication. This could occur with a specially crafted sequence of commands entered through the Web User Interface. If successful, an attacker could make unauthorized changes to the system configuration; however, customer and user passwords are not exposed. A patch file P48 is provided for the ColorQube 9301/9302/9303.
> cert_CQ93xx_P48v1_Patch.zip
(zip archive 9.3M)


Are MFD devices a Security Threat Bulletin
Wed Sep 7 19:51:59 2011

At DEFCON, a new presentation for an existing problem has resurfaced. Read the document above for the details.


Xerox Security Bulletin XRX11-003
Sun Aug 28 17:49:03 2011

FreeFlow Print Server
Oracle July 2011 CPU OS and Security Patch Cluster (includes Java 6 Update 26 Software)

Oracle delivers quarterly Critical Patch Updates (CPU) to address US-CERT-announced security vulnerabilities and deliver reliability improvements to the Solaris Operating System. Oracle no longer provides these patches to the general public, but Xerox is authorized to deliver them to customers with active FreeFlow Print Server (FFPS) Support contracts (FSMA). Xerox customizes the patch deliveries as appropriate to each FFPS Product family, and tests the CPU patches on each supported SPAR Release prior to delivery. Customers who may have an Oracle Support Contract for their non-FFPS Solaris Servers should not install patches that have not been customized by Xerox. Otherwise, the FFPS software could be damaged, resulting in downtime and a lengthy re-installation service call.

Consult the bulletin for the full list of CVE vulnerabilities it fixes.