Info

Disclosure

Feb 16, 2006

Discovery

Unknown

Dates

Exploit

Feb 16, 2006

Solution

Unknown

Description

By default, some Kyocera printers install with an default password. The 'admin' account has an empty password, which is publicly known and documented. This allows attackers to trivially access the system.

Classification

Location: Remote / Network Access
Attack Type: Authentication Management
Impact: Loss of Integrity
Exploit: Exploit Public

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

Kyocera Mita

Various Printers

Unknown or Unspecified

References

CVE ID: 2006-0789 (see also: NVD)
VUPEN Advisory: ADV-2006-0620
Other Advisory URL: http://evader.wordpress.com/2006/02/16/kyocera-printers/
Vendor URL: http://www.kyoceramita.co.uk/

Credit

evader - http://evader.wordpress.com/

Direct URL: http://osvdb.org/36218