This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.APPLETV_7_2_1.NASLApple TV < 7.2.1 Multiple Vulnerabilities
According to its banner, the remote Apple TV device is a version prior to 7.2.1. It is, therefore, affected by multiple vulnerabilities in the following components :
- bootp
- CFPreferences
- CloudKit
- Code Signing
- CoreMedia Playback
- CoreText
- DiskImages
- FontParser
- ImageIO
- IOHIDFamily
- IOKit
- Kernel
- Libc
- Libinfo
- libpthread
- libxml2
- libxpc
- libxslt
- Location Framework
- Office Viewer
- QL Office
- Sandbox_profiles
- WebKit
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(90315);
script_version("1.12");
script_cvs_date("Date: 2019/11/19");
script_cve_id(
"CVE-2012-6685",
"CVE-2014-0191",
"CVE-2014-3660",
"CVE-2015-3730",
"CVE-2015-3731",
"CVE-2015-3732",
"CVE-2015-3733",
"CVE-2015-3734",
"CVE-2015-3735",
"CVE-2015-3736",
"CVE-2015-3737",
"CVE-2015-3738",
"CVE-2015-3739",
"CVE-2015-3740",
"CVE-2015-3741",
"CVE-2015-3742",
"CVE-2015-3743",
"CVE-2015-3744",
"CVE-2015-3745",
"CVE-2015-3746",
"CVE-2015-3747",
"CVE-2015-3748",
"CVE-2015-3749",
"CVE-2015-3750",
"CVE-2015-3751",
"CVE-2015-3752",
"CVE-2015-3753",
"CVE-2015-3759",
"CVE-2015-3766",
"CVE-2015-3768",
"CVE-2015-3776",
"CVE-2015-3778",
"CVE-2015-3782",
"CVE-2015-3784",
"CVE-2015-3793",
"CVE-2015-3795",
"CVE-2015-3796",
"CVE-2015-3797",
"CVE-2015-3798",
"CVE-2015-3800",
"CVE-2015-3802",
"CVE-2015-3803",
"CVE-2015-3804",
"CVE-2015-3805",
"CVE-2015-3806",
"CVE-2015-3807",
"CVE-2015-5749",
"CVE-2015-5755",
"CVE-2015-5756",
"CVE-2015-5757",
"CVE-2015-5758",
"CVE-2015-5761",
"CVE-2015-5773",
"CVE-2015-5774",
"CVE-2015-5775",
"CVE-2015-5776",
"CVE-2015-5777",
"CVE-2015-5778",
"CVE-2015-5781",
"CVE-2015-5782",
"CVE-2015-7995"
);
script_bugtraq_id(
67233,
70644,
76337,
76338,
76341,
76343,
77325
);
script_xref(name:"APPLE-SA", value:"APPLE-SA-2016-02-25-1");
script_name(english:"Apple TV < 7.2.1 Multiple Vulnerabilities");
script_summary(english:"Checks the version in the banner.");
script_set_attribute(attribute:"synopsis", value:
"The remote device is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"According to its banner, the remote Apple TV device is a version prior
to 7.2.1. It is, therefore, affected by multiple vulnerabilities in
the following components :
- bootp
- CFPreferences
- CloudKit
- Code Signing
- CoreMedia Playback
- CoreText
- DiskImages
- FontParser
- ImageIO
- IOHIDFamily
- IOKit
- Kernel
- Libc
- Libinfo
- libpthread
- libxml2
- libxpc
- libxslt
- Location Framework
- Office Viewer
- QL Office
- Sandbox_profiles
- WebKit");
script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT205795");
# https://lists.apple.com/archives/security-announce/2016/Feb/msg00000.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d959a1e0");
script_set_attribute(attribute:"solution", value:
"Upgrade to Apple TV version 7.2.1 or later. Note that this update is
only available for 3rd generation models.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-5757");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2016/02/25");
script_set_attribute(attribute:"patch_publication_date", value:"2016/02/25");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/04/04");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:apple_tv");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("appletv_version.nasl");
script_require_keys("AppleTV/Version", "AppleTV/URL", "AppleTV/Port");
script_require_ports("Services/www", 7000);
exit(0);
}
include("audit.inc");
include("appletv_func.inc");
url = get_kb_item('AppleTV/URL');
if (empty_or_null(url)) exit(0, 'Cannot determine Apple TV URL.');
port = get_kb_item('AppleTV/Port');
if (empty_or_null(port)) exit(0, 'Cannot determine Apple TV port.');
build = get_kb_item('AppleTV/Version');
if (empty_or_null(build)) audit(AUDIT_UNKNOWN_DEVICE_VER, 'Apple TV');
model = get_kb_item('AppleTV/Model');
if (empty_or_null(model)) exit(0, 'Cannot determine Apple TV model.');
fixed_build = "12H523";
tvos_ver = '7.2.1';
gen = APPLETV_MODEL_GEN[model];
appletv_check_version(
build : build,
fix : fixed_build,
affected_gen : 3,
model : model,
gen : gen,
fix_tvos_ver : tvos_ver,
port : port,
url : url,
severity : SECURITY_HOLE
);
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6685
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3730
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3731
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3732
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3733
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3734
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3735
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3736
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3737
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3738
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3739
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3740
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3741
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3742
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3743
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3744
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3745
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3746
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3747
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3748
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3749
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3750
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3751
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3752
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3753
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3759
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3766
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3768
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3776
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3778
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3782
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3784
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3793
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3795
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3796
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3797
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3798
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3800
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3802
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3803
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3804
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3805
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3806
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3807
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5749
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5755
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5756
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5757
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5758
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5761
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5773
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5774
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5775
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5776
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5777
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5778
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5781
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5782
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7995
www.nessus.org/u?d959a1e0
support.apple.com/en-us/HT205795
Related
