Xerox Document Centre 470, 255ST, and possibly others allow for remote unauthorized access to files, access to plaintext passwords for the HTTP administration interface, access to DES passwords for the operating system, and read-write access to HTTP users and passwords.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/32395/xerox.txt
Source: https://packetstormsecurity.com/files/32395/xerox.txt.html