VAR-199911-0073
Vulnerability from variot - Updated: 2025-04-03 22:31Web server in Tektronix PhaserLink Printer 840.0 and earlier allows a remote attacker to gain administrator access by directly calling undocumented URLs such as ncl_items.html and ncl_subjects.html. Certain versions of the Tektronix PhaserLink printer ship with a webserver designed to help facilitate configuration of the device. This service is essentially administrator level access as it can completely modify the system characteristics, restart the machine, asign services etc. Once the password is obtained by the user, they can manipulate the printer in any way they see fit. There is a bug in the web server on Tektronix PhaserLink Printer 840.0 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-199911-0073",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "phaser network printer 740",
"scope": "eq",
"trust": 1.0,
"vendor": "tek",
"version": "*"
},
{
"model": "phaser network printer 840",
"scope": "eq",
"trust": 1.0,
"vendor": "tek",
"version": "*"
},
{
"model": "phaser network printer 930",
"scope": "eq",
"trust": 1.0,
"vendor": "tek",
"version": "*"
},
{
"model": "phaser network printer 750",
"scope": "eq",
"trust": 1.0,
"vendor": "tek",
"version": "*"
},
{
"model": "phaser network printer 750dp",
"scope": "eq",
"trust": 1.0,
"vendor": "tek",
"version": "*"
},
{
"model": "phaser network printer 740",
"scope": null,
"trust": 0.6,
"vendor": "tek",
"version": null
},
{
"model": "phaser network printer 930",
"scope": null,
"trust": 0.6,
"vendor": "tek",
"version": null
},
{
"model": "phaser network printer 750dp",
"scope": null,
"trust": 0.6,
"vendor": "tek",
"version": null
},
{
"model": "phaser network printer 750",
"scope": null,
"trust": 0.6,
"vendor": "tek",
"version": null
},
{
"model": "phaser network printer 840",
"scope": null,
"trust": 0.6,
"vendor": "tek",
"version": null
},
{
"model": "phaser network printer",
"scope": "eq",
"trust": 0.3,
"vendor": "tektronix",
"version": "930"
},
{
"model": "phaser network printer",
"scope": "eq",
"trust": 0.3,
"vendor": "tektronix",
"version": "840"
},
{
"model": "phaser network printer 750dp",
"scope": null,
"trust": 0.3,
"vendor": "tektronix",
"version": null
},
{
"model": "phaser network printer",
"scope": "eq",
"trust": 0.3,
"vendor": "tektronix",
"version": "750"
},
{
"model": "phaser network printer",
"scope": "eq",
"trust": 0.3,
"vendor": "tektronix",
"version": "740"
}
],
"sources": [
{
"db": "BID",
"id": "806"
},
{
"db": "CNNVD",
"id": "CNNVD-199911-055"
},
{
"db": "NVD",
"id": "CVE-1999-1508"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This bug was discovered and posted to the Bugtraq mailing list by Dennis W. Mattison \u003cdwmatt@nosc.mil\u003e on Tue, 16 Nov 1999.",
"sources": [
{
"db": "BID",
"id": "806"
},
{
"db": "CNNVD",
"id": "CNNVD-199911-055"
}
],
"trust": 0.9
},
"cve": "CVE-1999-1508",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-1999-1508",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-1489",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-1999-1508",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-199911-055",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-1489",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1489"
},
{
"db": "CNNVD",
"id": "CNNVD-199911-055"
},
{
"db": "NVD",
"id": "CVE-1999-1508"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Web server in Tektronix PhaserLink Printer 840.0 and earlier allows a remote attacker to gain administrator access by directly calling undocumented URLs such as ncl_items.html and ncl_subjects.html. Certain versions of the Tektronix PhaserLink printer ship with a webserver designed to help facilitate configuration of the device. This service is essentially administrator level access as it can completely modify the system characteristics, restart the machine, asign services etc. Once the password is obtained by the user, they can manipulate the printer in any way they see fit. There is a bug in the web server on Tektronix PhaserLink Printer 840.0 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-1999-1508"
},
{
"db": "BID",
"id": "806"
},
{
"db": "VULHUB",
"id": "VHN-1489"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-1489",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1489"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-1999-1508",
"trust": 2.0
},
{
"db": "BID",
"id": "806",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-199911-055",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "19991116 [FWD: PRINTER VULNERABILITY: TEKTRONIX PHASERLINK WEBSERVER GIVES ADMINISTRATOR PASSWORD]",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "19632",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-1489",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1489"
},
{
"db": "BID",
"id": "806"
},
{
"db": "CNNVD",
"id": "CNNVD-199911-055"
},
{
"db": "NVD",
"id": "CVE-1999-1508"
}
]
},
"id": "VAR-199911-0073",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-1489"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:31:50.830000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-1508"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/806"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=94286041430870\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=94286041430870\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.tek.com/home/support.html"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=94286041430870\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-1489"
},
{
"db": "BID",
"id": "806"
},
{
"db": "CNNVD",
"id": "CNNVD-199911-055"
},
{
"db": "NVD",
"id": "CVE-1999-1508"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-1489"
},
{
"db": "BID",
"id": "806"
},
{
"db": "CNNVD",
"id": "CNNVD-199911-055"
},
{
"db": "NVD",
"id": "CVE-1999-1508"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "1999-11-16T00:00:00",
"db": "VULHUB",
"id": "VHN-1489"
},
{
"date": "1999-11-17T00:00:00",
"db": "BID",
"id": "806"
},
{
"date": "1999-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199911-055"
},
{
"date": "1999-11-16T05:00:00",
"db": "NVD",
"id": "CVE-1999-1508"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-1489"
},
{
"date": "2009-07-11T00:56:00",
"db": "BID",
"id": "806"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199911-055"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-1999-1508"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199911-055"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tektronix PhaserLink Web Server vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199911-055"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access verification error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199911-055"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…