{"id":457,"date":"2011-10-26T22:07:26","date_gmt":"2011-10-27T04:07:26","guid":{"rendered":"http:\/\/www.foofus.net\/?page_id=457"},"modified":"2011-10-26T22:07:26","modified_gmt":"2011-10-27T04:07:26","slug":"toshiba-estudio-multifunction-printer-information-leakage","status":"publish","type":"page","link":"http:\/\/h.foofus.net\/?page_id=457","title":{"rendered":"Toshiba eStudio Multifunction Printer Information leakage"},"content":{"rendered":"<p>============================================================================<br \/>\nFoofus.net Security Advisory: foofus-20111026<br \/>\n============================================================================<br \/>\nTitle:\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Toshiba EStudio Multifunction Printer Information Leakage<br \/>\nVersion:\u00a0\u00a0\u00a0\u00a0\u00a0 e-Studio series devices<br \/>\nVendor:\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Toshiba<br \/>\nRelease Date: 01\/29\/2011<br \/>\nUpdate Date:\u00a0 10\/26\/2011<br \/>\n============================================================================<\/p>\n<p>1. Summary:<\/p>\n<p>Toshiba e-Studio multifunction printer devices were found to have an information leakage<br \/>\nvulnerability.<\/p>\n<p>============================================================================<\/p>\n<p>2. Description:<\/p>\n<p>Passwords can be extracted in plain text from the HTML source code of various configuration<br \/>\npages.<\/p>\n<p>Example:<br \/>\nhttp:\/\/IP Address\/TopAccess\/Administrator\/Setup\/ScanToFile\/List.htm<\/p>\n<p>&lt;td nowrap&quot;&quot;&gt;<br \/>\nPassword<br \/>\n&lt;input ID=&quot;Password3&quot; type=&quot;password&quot; value=&quot;Password1&quot; onfocus=&quot;<br \/>\nif (this.disable) this.blur();&quot; maxlength=&quot;32&quot;<\/p>\n<p>============================================================================<\/p>\n<p>3. 
Impact:<\/p>\n<p>Exploiting this allows an adversary to extract passwords that can be used to gain<br \/>\naccess to file servers, LDAP systems, or other critical systems.<\/p>\n<p>============================================================================<\/p>\n<p>4. Affected Products:<\/p>\n<p>All e-Studio devices tested have been found to be vulnerable as of<br \/>\nJuly 2011.<\/p>\n<p>Validation of specific firmware versions has not been conducted on a number<br \/>\nof systems. This is due to limited access to devices.<\/p>\n<p>Confirmed devices:<\/p>\n<p>e-STUDIO305<br \/>\ne-STUDIO455<br \/>\ne-STUDIO600<br \/>\ne-STUDIO603<\/p>\n<p>Confirmed devices and firmware versions:<br \/>\ne-STUDIO3510c\u00a0\u00a0\u00a0\u00a0 firmware version T380SY0J040<br \/>\ne-STUDIO281c\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 firmware version T410SY0T233<\/p>\n<p>============================================================================<\/p>\n<p>5. Solution:<\/p>\n<p>Contact the vendor and request a firmware upgrade to patch the security issue.<\/p>\n<p>============================================================================<\/p>\n<p>6. Time Table:<\/p>\n<p>01\/29\/2011 Reported Vulnerability.<\/p>\n<p>10\/27\/2011 Published Advisory.<\/p>\n<p>============================================================================<\/p>\n<p>7. Credits: Discovered by Deral Heiland PercX<\/p>\n<p>============================================================================<\/p>\n<p>8. Reference:<br \/>\nhttp:\/\/praeda.foofus.net<br \/>\nhttp:\/\/www.foofus.net\/?page_id=457<\/p>\n<p>============================================================================<\/p>\n<p>The Foofus.Net team is an assortment of security professionals located<br \/>\nthroughout the United States. 
http:\/\/www.foofus.net<\/p>\n<p>Follow percX on Twitter @Percent_X<\/p>\n<p>============================================================================<\/p>\n","protected":false},"excerpt":{"rendered":"<p>============================================================================ Foofus.net Security Advisory: foofus-20111026 ============================================================================ Title:\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Toshiba EStudio Multifunction Printer Information Leakage Version:\u00a0\u00a0\u00a0\u00a0\u00a0 e-Studio series devices Vendor:\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Toshiba Release Date: 01\/29\/2011 Update Date:\u00a0 10\/26\/2011 ============================================================================ 1. Summary: Toshiba e-Studio multifunction printer devices were found to have an information leakage vulnerability. ============================================================================ 2. Description: Passwords can be extracted in plain text from the HTML source 
[&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":273,"menu_order":0,"comment_status":"open","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-457","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"http:\/\/h.foofus.net\/index.php?rest_route=\/wp\/v2\/pages\/457","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/h.foofus.net\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"http:\/\/h.foofus.net\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"http:\/\/h.foofus.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/h.foofus.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=457"}],"version-history":[{"count":0,"href":"http:\/\/h.foofus.net\/index.php?rest_route=\/wp\/v2\/pages\/457\/revisions"}],"up":[{"embeddable":true,"href":"http:\/\/h.foofus.net\/index.php?rest_route=\/wp\/v2\/pages\/273"}],"wp:attachment":[{"href":"http:\/\/h.foofus.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=457"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}