Details of VAR-200212-0697

ID

VAR-200212-0697

CVE

CVE-2002-2373

TITLE

Apple 12/640 PS LaserWriter TCP/IP Configuration Tool Telnet Service default passwordless vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200212-833

DESCRIPTION

The default configuration of the TCP/IP printer configuration utility in Apple LaserWriter 12/640 PS printer contains a blank Telnet password, which allows remote attackers to gain access. The 12/640 PS LaserWriter is a Postscript capable printer distributed by Apple. When the tool is used to configure a printer, the device does not require the setting of a telnet server password. This may allow unauthorized remote access to the device. TCP/IP Print Configuration Tool is a security and management software for Apple.LaserWriter 12/640 PS printer

Trust: 1.26

sources: NVD: CVE-2002-2373 // BID: 6052 // VULHUB: VHN-6756

AFFECTED PRODUCTS

vendor:	apple	model:	tcp ip configuration utility	scope:	eq	version:	12_640	Trust: 1.0
vendor:	apple	model:	laserwriter	scope:	eq	version:	12_640_ps	Trust: 0.6
vendor:	apple	model:	tcp/ip configuration utility	scope:	eq	version:	12/640	Trust: 0.3

sources: BID: 6052 // CNNVD: CNNVD-200212-833 // NVD: CVE-2002-2373

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2002-2373
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200212-833
value:	HIGH
Trust: 0.6
VULHUB:	VHN-6756
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2002-2373
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-6756
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-6756 // CNNVD: CNNVD-200212-833 // NVD: CVE-2002-2373

PROBLEMTYPE DATA

problemtype:

CWE-16

Trust: 1.1

sources: VULHUB: VHN-6756 // NVD: CVE-2002-2373

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200212-833

TYPE

Configuration Error

Trust: 0.9

sources: BID: 6052 // CNNVD: CNNVD-200212-833

EXTERNAL IDS

db:	BID	id:	6052	Trust: 2.0
db:	NVD	id:	CVE-2002-2373	Trust: 1.7
db:	CNNVD	id:	CNNVD-200212-833	Trust: 0.7
db:	NSFOCUS	id:	3740	Trust: 0.6
db:	XF	id:	10476	Trust: 0.6
db:	BUGTRAQ	id:	20021026 TCP/IP PRINTER CONFIGURATION UTILITY FOR APPLE.LASERWRITER 12/640 PS SECURITY PROBLEM	Trust: 0.6
db:	VULHUB	id:	VHN-6756	Trust: 0.1

sources: VULHUB: VHN-6756 // BID: 6052 // CNNVD: CNNVD-200212-833 // NVD: CVE-2002-2373

REFERENCES

url:	http://www.securityfocus.com/bid/6052	Trust: 1.7
url:	http://www.securityfocus.com/archive/1/297250	Trust: 1.7
url:	http://www.iss.net/security_center/static/10476.php	Trust: 1.7
url:	http://www.nsfocus.net/vulndb/3740	Trust: 0.6

sources: VULHUB: VHN-6756 // CNNVD: CNNVD-200212-833 // NVD: CVE-2002-2373

CREDITS

UkR security team※ cuctema@ok.ru

Trust: 0.6

sources: CNNVD: CNNVD-200212-833

SOURCES

db:	VULHUB	id:	VHN-6756
db:	BID	id:	6052
db:	CNNVD	id:	CNNVD-200212-833
db:	NVD	id:	CVE-2002-2373

LAST UPDATE DATE

2024-08-14T15:45:46.470000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-6756	date:	2008-09-05T00:00:00
db:	BID	id:	6052	date:	2002-10-26T00:00:00
db:	CNNVD	id:	CNNVD-200212-833	date:	2002-12-31T00:00:00
db:	NVD	id:	CVE-2002-2373	date:	2008-09-05T20:33:03.397

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-6756	date:	2002-12-31T00:00:00
db:	BID	id:	6052	date:	2002-10-26T00:00:00
db:	CNNVD	id:	CNNVD-200212-833	date:	2002-10-26T00:00:00
db:	NVD	id:	CVE-2002-2373	date:	2002-12-31T05:00:00