On Wed, Nov 08, 2006 at 11:25:21AM -0600, Vanhooser, Mike wrote:
Has anyone in the group actually had a problem related to not having a
password set on a printer.
Nessus rates this as a high problem as well as high rated CVE but
wondering if this is really something that should be considered a high
risk.
When looking at CVSS scores, one thing to understand is that we compute
only the base scores. These are generated solely based on the
characteristics of the vulnerabilities themselves and don't reflect the
importance of a service to an organization, the likelihood that an
exploit exists, etc that you probably should be concerned about in
trying to manage your exposure to vulnerabilities.
For example, a local file include flaw in, say, BillyBob's Guestbook
installed on a webserver that a summer coop set up on his desktop rates
much higher than a denial of service flaw in one of your border routers.
Which are you really going to lose sleep over?
Issues would be denial of service but could a redirect of sensitive
printer info be possible? Are there other concerns?
Well, the plugin description mentions that the flaw allows "anyone to
change its IP or potentially to intercept print jobs sent to it."
Obviously, intercepting print jobs means a loss of confidentiality
("partial" because someone needs to first send a job to your "printer").
But it could also lead to a loss of integrity as the attacker could
potentially change the documents and then re-route them to the real printer.
George
--
theall@tenablesecurity.com
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
