----------------------------------------------------------------------

Want to work within IT-Security?

Secunia is expanding its team of highly skilled security experts.
We will help with relocation and obtaining a work permit.

Currently the following type of positions are available:
https://secunia.com/quality_assurance_analyst/
https://secunia.com/web_application_security_specialist/ 
https://secunia.com/hardcore_disassembler_and_reverse_engineer/

----------------------------------------------------------------------

TITLE:
Canon imageRUNNER Products Exposure of User Credentials

SECUNIA ADVISORY ID:
SA21788

VERIFY ADVISORY:
https://secunia.com/advisories/21788/

CRITICAL:
Not critical

IMPACT:
Exposure of sensitive information

WHERE:
>From local network

OPERATING SYSTEM:
Canon Color imageRUNNER C3220
https://secunia.com/product/11884/
Canon imageRUNNER 5020
https://secunia.com/product/11887/
Canon imageRUNNER 8500
https://secunia.com/product/11889/
Canon imageRUNNER 9070
https://secunia.com/product/11885/
Canon imageRUNNER C6800
https://secunia.com/product/11888/
Canon imageRUNNER C6870
https://secunia.com/product/11886/

DESCRIPTION:
GR has reported a security issue in various Canon imageRUNNER
products, which can be exploited by certain malicious users to
disclose sensitive information.

The problem is that user credentials are included when exporting the
Address Book via the Remote UI web interface. This can be exploited
to disclose the usernames and passwords used for scanning SMB, FTP,
and IPX shares, and passwords for password protected fax entries.

Successful exploitation requires that Remote UI is enabled and that
the user has system manager privileges.

The following products are affected:
* Canon imageRUNNER C6870
* Canon imageRUNNER C6800
* Canon imageRUNNER 9070
* Canon imageRUNNER 8500
* Canon imageRUNNER 5020
* Canon Color imageRUNNER C3220

SOLUTION:
Filter traffic and restrict access to the Remote UI web interface.

Disable the Remote UI if the functionality is not needed.

PROVIDED AND/OR DISCOVERED BY:
GR

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
https://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
https://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------