[VIM] interesting change in Xerox advisories

security curmudgeon jericho at attrition.org
Wed Mar 8 01:52:28 EST 2006 

We've discussed Xerox advisories in the past, and how vague they are:

Xerox, redundancy and being vague..
http://attrition.org/pipermail/vim/2005-July/000206.html
http://attrition.org/pipermail/vim/2005-July/000209.html

oh how i love xerox
http://attrition.org/pipermail/vim/2006-February/000563.html
http://attrition.org/pipermail/vim/2006-February/000564.html

Until now, their advisories always seem to be cut/paste of each other, 
just changing the date and advisory ID number. Unspecified Auth Bypass, 
Unspecified XSS, Unspecified DoS. This month however, they really broke 
from the norm:

http://www.xerox.com/downloads/usa/en/c/cert_XRX06_002.pdf

XEROX SECURITY BULLETIN XRX06-002
03/06/06

[..]

Background

System Software Version 1.001.02.074 documented in this bulletin has 
completed Common Criteria evaluation. The software applies to the products 
listed below. The information provided here is consistent with the 
security functional claims made in the Security Target. This Security 
Target is available from the National Information Assurance Partnership 
website's Validated Products List under the heading "Xerox CopyCentre (tm) 
C65/75/90 Copier and WorkCentre (tm) Pro 65/75/90 Advanced Multifunction 
System including Image Overwrite" 
(http://niap.nist.gov/cc-scheme/st/ST_VID2021.html) or from your Xerox 
representative.

System Software Version 1.001.02.074 incorporates fixes for the following 
security-related problems:

* A buffer overflow vulnerability in the PostScript file interpreter code 
that could cause a denial of service to an attacked machine.

* A specially constructed PostScript file to navigate through the 
directory could cause a denial of service to an attacked machine.

* A specially constructed PostScript file set to expose TCP/IP ports could 
cause a denial of service to an attacked machine.

* A memory corruption vulnerability in the web server code that could 
cause a denial of service to an attacked machine.

* A vulnerability in the ESS/Network Controller could cause Immediate 
Image Overwrite to fail in a specific instance with no indication after an 
unexpected power loss.

System Software Version 1.001.02.716 has not completed Common Criteria 
evaluation, but incorporates all of the security fixes identified above 
for System Software Version 1.001.02.074 plus additional security fixes 
identified in the applicable software release notes.

Customers have the option of requesting either System Software Version.

More information about the VIM mailing list