CVE-2013-6032 Information

Description

cgi-bin/postpf/cgi-bin/dynamic/config/config.html on Lexmark X94x before LC.BR.P142 X85x through LC4.BE.P487 X644 and X646 before LC2.MC.P374 X642 through LC2.MB.P318 W840 through LS.HA.P252 T64x before LS.ST.P344 X64xef through LC2.TI.P325 C935dn through LC.JO.P091 C920 through LS.TA.P152 C78x through LC.IO.P187 X78x through LC2.IO.P335 C77x through LC.CM.P052 X772 through LC2.TR.P291 C53x through LS.SW.P069 C52x through LS.FA.P150 25xxN through LCL.CU.P114 N4000 through LC.MD.P119 N4050e through GO.GO.N206 N70xxe through LC.CO.N309 E450 through LM.SZ.P124 E350 through LE.PH.P129 and E250 through LE.PM.P126 printers allows remote attackers to remove the Password Protect administrative password via the vac.255.GENPASSWORD parameter.

Reference

http://support.lexmark.com/index?page=content&id=TE586 http://www.kb.cert.org/vuls/id/108062