Vulnerability Details CVE-2008-0303
The FTP print feature in multiple Canon printers, including imageRUNNER and imagePRESS, allow remote attackers to use the server as an inadvertent proxy via a modified PORT command, aka FTP bounce.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.014
EPSS Ranking 79.7%
CVSS Severity
CVSS v2 Score 6.4
References
- http://itso.iu.edu/20080229_Canon_MFD_FTP_bounce_attack
- http://jvn.jp/en/jp/JVN10056705/index.html
- http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000013.html
- http://securitytracker.com/id?1019528
- http://www.kb.cert.org/vuls/id/568073
- http://www.securityfocus.com/bid/28042
- http://www.usa.canon.com/html/security/pdf/CVA-001.pdf
- http://itso.iu.edu/20080229_Canon_MFD_FTP_bounce_attack
- http://jvn.jp/en/jp/JVN10056705/index.html
- http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000013.html
- http://securitytracker.com/id?1019528
- http://www.kb.cert.org/vuls/id/568073
- http://www.securityfocus.com/bid/28042
- http://www.usa.canon.com/html/security/pdf/CVA-001.pdf
Products affected by CVE-2008-0303
-
cpe:2.3:a:canon:i-sensys:lbp3360
-
cpe:2.3:a:canon:i-sensys:lbp3460
-
cpe:2.3:a:canon:i-sensys:lbp5360
-
cpe:2.3:a:canon:imagepress:c1
-
cpe:2.3:a:canon:imagerunner:105plus
-
cpe:2.3:a:canon:imagerunner:2230
-
cpe:2.3:a:canon:imagerunner:2270
-
cpe:2.3:a:canon:imagerunner:2570c
-
cpe:2.3:a:canon:imagerunner:2570ci
-
cpe:2.3:a:canon:imagerunner:2870
-
cpe:2.3:a:canon:imagerunner:3025
-
cpe:2.3:a:canon:imagerunner:3025n
-
cpe:2.3:a:canon:imagerunner:3035
-
cpe:2.3:a:canon:imagerunner:3035n
-
cpe:2.3:a:canon:imagerunner:3045
-
cpe:2.3:a:canon:imagerunner:3045n
-
cpe:2.3:a:canon:imagerunner:3170c
-
cpe:2.3:a:canon:imagerunner:3170ci
-
cpe:2.3:a:canon:imagerunner:3180c
-
cpe:2.3:a:canon:imagerunner:3180ci
-
cpe:2.3:a:canon:imagerunner:3530
-
cpe:2.3:a:canon:imagerunner:3570
-
cpe:2.3:a:canon:imagerunner:4570
-
cpe:2.3:a:canon:imagerunner:5055
-
cpe:2.3:a:canon:imagerunner:5055n
-
cpe:2.3:a:canon:imagerunner:5065
-
cpe:2.3:a:canon:imagerunner:5065n
-
cpe:2.3:a:canon:imagerunner:5075
-
cpe:2.3:a:canon:imagerunner:5075n
-
cpe:2.3:a:canon:imagerunner:5570
-
cpe:2.3:a:canon:imagerunner:5800c
-
cpe:2.3:a:canon:imagerunner:5800cn
-
cpe:2.3:a:canon:imagerunner:6570
-
cpe:2.3:a:canon:imagerunner:6800c
-
cpe:2.3:a:canon:imagerunner:6800cn
-
cpe:2.3:a:canon:imagerunner:7086
-
cpe:2.3:a:canon:imagerunner:7095
-
cpe:2.3:a:canon:imagerunner:7095p
-
cpe:2.3:a:canon:imagerunner:7105
-
cpe:2.3:a:canon:imagerunner:8070
-
cpe:2.3:a:canon:imagerunner:85plus
-
cpe:2.3:a:canon:imagerunner:c2380i
-
cpe:2.3:a:canon:imagerunner:c2620
-
cpe:2.3:a:canon:imagerunner:c2620n
-
cpe:2.3:a:canon:imagerunner:c2880
-
cpe:2.3:a:canon:imagerunner:c2880i
-
cpe:2.3:a:canon:imagerunner:c3220n
-
cpe:2.3:a:canon:imagerunner:c3380
-
cpe:2.3:a:canon:imagerunner:c3380i
-
cpe:2.3:a:canon:imagerunner:c4080i
-
cpe:2.3:a:canon:imagerunner:c4580i
-
cpe:2.3:a:canon:imagerunner:c5185i
-
cpe:2.3:a:canon:imagerunner:c5870
-
cpe:2.3:a:canon:imagerunner:c5870i
-
cpe:2.3:a:canon:imagerunner:c5880
-
cpe:2.3:a:canon:imagerunner:c5880i
-
cpe:2.3:a:canon:imagerunner:c6870i
-
cpe:2.3:a:canon:imagerunner:c6880
-
cpe:2.3:a:canon:imagerunner:c6880i
-
cpe:2.3:a:canon:imagerunner:clc4040
-
cpe:2.3:a:canon:imagerunner:clc5151
-
cpe:2.3:a:canon:imagerunner_2620:-
-
cpe:2.3:a:canon:imagerunner_5000i:-
-
cpe:2.3:a:canon:imagerunner_5020:-
-
cpe:2.3:a:canon:imagerunner_6870:-
-
cpe:2.3:a:canon:imagerunner_8500:-
-
cpe:2.3:a:canon:imagerunner_9070:-
-
cpe:2.3:a:canon:imagerunner_c3200:-
-
cpe:2.3:a:canon:imagerunner_c3220:-
-
cpe:2.3:a:canon:imagerunner_c6800:-