Xerox Security Bulletin XRX09-003 (PDF 82.9K)

Second Release September 29, 2009
Original Release August 28, 2009
A vulnerability exists in the web servers of the WorkCentre 5030/5050, the WorkCentre 5135/5150, the WorkCentre 5632/5638/5645/5655/5665/5675/5687, the WorkCentre 7655/7665/7675, the WorkCentre 6400, and the ColorQube 9201/9202/9203. If exploited when SSL is not enabled on the device, the vulnerability could allow remote attackers to obtain unauthorized access to device configuration settings, possibly exposing customer passwords

NOTE: The original version of the P39 patch required a manual reboot after installation. This version of the patch automatically performs a re-boot upon installation.