Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0303

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2008-0303
Last Modified 13 Mar 2009 01:31:26
Published 28 Feb 2008 09:44:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0303

Summary

The FTP print feature in multiple Canon printers, including imageRUNNER and imagePRESS, allow remote attackers to use the server as an inadvertent proxy via a modified PORT command, aka FTP bounce.

Vulnerable Systems

Application

  • Canon I-sensys Lbp3360

  • Canon I-sensys Lbp3460

  • Canon I-sensys Lbp5360

  • Canon Imagepress C1

  • Canon Imagerunner 105plus

  • Canon Imagerunner 2230

  • Canon Imagerunner 2270

  • Canon Imagerunner 2570c

  • Canon Imagerunner 2570ci

  • Canon Imagerunner 2620

  • Canon Imagerunner 2870

  • Canon Imagerunner 3025

  • Canon Imagerunner 3025n

  • Canon Imagerunner 3035

  • Canon Imagerunner 3035n

  • Canon Imagerunner 3045

  • Canon Imagerunner 3045n

  • Canon Imagerunner 3170c

  • Canon Imagerunner 3170ci

  • Canon Imagerunner 3180c

  • Canon Imagerunner 3180ci

  • Canon Imagerunner 3530

  • Canon Imagerunner 3570

  • Canon Imagerunner 4570

  • Canon Imagerunner 5000i

  • Canon Imagerunner 5020

  • Canon Imagerunner 5055

  • Canon Imagerunner 5055n

  • Canon Imagerunner 5065

  • Canon Imagerunner 5065n

  • Canon Imagerunner 5075

  • Canon Imagerunner 5075n

  • Canon Imagerunner 5570

  • Canon Imagerunner 5800c

  • Canon Imagerunner 5800cn

  • Canon Imagerunner 6570

  • Canon Imagerunner 6800c

  • Canon Imagerunner 6800cn

  • Canon Imagerunner 6870

  • Canon Imagerunner 7086

  • Canon Imagerunner 7095

  • Canon Imagerunner 7095p

  • Canon Imagerunner 7105

  • Canon Imagerunner 8070

  • Canon Imagerunner 8500

  • Canon Imagerunner 85plus

  • Canon Imagerunner 9070

  • Canon Imagerunner C2380i

  • Canon Imagerunner C2620

  • Canon Imagerunner C2620n

  • Canon Imagerunner C2880

  • Canon Imagerunner C2880i

  • Canon Imagerunner C3200

  • Canon Imagerunner C3220

  • Canon Imagerunner C3220n

  • Canon Imagerunner C3380

  • Canon Imagerunner C3380i

  • Canon Imagerunner C4080i

  • Canon Imagerunner C4580i

  • Canon Imagerunner C5185i

  • Canon Imagerunner C5870

  • Canon Imagerunner C5870i

  • Canon Imagerunner C5880

  • Canon Imagerunner C5880i

  • Canon Imagerunner C6800

  • Canon Imagerunner C6870i

  • Canon Imagerunner C6880

  • Canon Imagerunner C6880i

  • Canon Imagerunner Clc4040

  • Canon Imagerunner Clc5151


References

CERT-VN - VU#568073

CONFIRM - http://www.usa.canon.com/html/security/pdf/CVA-001.pdf

BID - 28042

JVNDB - JVNDB-2008-000013

JVN - JVN#10056705

MISC - http://itso.iu.edu/20080229_Canon_MFD_FTP_bounce_attack

SECTRACK - 1019528


Last Updated: 27 May 2016 10:46:46