Xerox printers said to contain security hole

Summary:The Black Hat conference has heard that Xerox's WorkCenter printers may need patching again

A US security expert has identified vulnerabilities in Xerox's WorkCenter multifunction printers, reports have claimed.

According to IDG News Service, the flaws were discussed at the Black Hat security conference in Las Vegas. Brendan O'Connor, who works for an unnamed US finance company, claimed that malicious hackers could take advantage of a configuration error in the printers' Web interface.

This would let them run unauthorised software on the printers, compromise network traffic, and access sensitive information being printed on the machines, O'Connor claimed.

Back in February 2006, Xerox admitted that its WorkCenter and WorkCenter Pro products contained flaws that could be used to bypass certain security restrictions, or conduct cross-site scripting and denial of service attacks. It released a patch which it said fixed the problem.

O'Connor, on the other handy, has claimed the flaws can still be exploited.

Xerox UK was not immediately able to comment on the claims, but a company representative at Black Hat reportedly said that an updated patch would be released soon.

Topics: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.