============================================================================ Foofus.net Security Advisory: foofus-20111026 ============================================================================ Title: Toshiba eStudio Multifunction Printer Information Leakage Version: e-Studio series devices Vendor: Toshiba Release Date: 01/29/2011 Update Date: 10/26/2011 ============================================================================ 1. Summary: Toshiba e-Studio devices found to be vulnerable to an information leakage vulnerability. ============================================================================ 2. Description: Passwords can be extracted in plan text from html source code of various configuration pages. Example: http://IP Address/TopAccess//Administrator/Setup/ScanToFile/List.htm <td class="clsTableElement" nowrap""> Password <input ID="Password3" type="password" value="Plan text password" onfocus=" if (this.disable) this.blur();" maxlength="32" ============================================================================ 3. Impact: Exploiting this allows an adversary to extract passwords that can be used to gain access to file servers, LDAP system, or other critical systems. ============================================================================ 4. Affected Products: All e-Studio devices tested against have been found to be vulnerable as of July 2011. Validation of specific firmware versions have not been conducted on a number of systems. This is due to limited access to devices Confirmed devices: e-STUDIO305 e-STUDIO455 e-STUDIO600 e-STUDIO603 Confirmed devices and firmware version: e-STUDIO3510c firmware version T380SY0J040 e-STUDIO281c firmware version T410SY0T233 ============================================================================ 5. Solution: Contact vendor and request firmware upgrade to patch security issue. ============================================================================ 6) Time Table: 01/29/2011 Reported Vulnerability. 10/27/2011 Publishes Advisory ============================================================================ 7) Credits: Discovered by Deral Heiland PercX ============================================================================ 8. Reference: http://praeda.foofus.net http://www.foofus.net/?page_id=457 ============================================================================ The Foofus.Net team is an assortment of security professionals located through out the United States. http://www.foofus.net Follow percX on Twitter @Percent_X ============================================================================
