Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.APPLETV_9_1.NASL
HistoryOct 13, 2016 - 12:00 a.m.

Apple TV < 9.1 Multiple Vulnerabilities

2016-10-1300:00:00
This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17
JSON

According to its banner, the version of the remote Apple TV device is prior to 9.1. It is, therefore, affected by multiple vulnerabilities in the following components :

  • AppleMobileFileIntegrity
  • Compression
  • CoreGraphics
  • CoreMedia Playback
  • Disk Images
  • dyld
  • ImageIO
  • IOAcceleratorFamily
  • IOHIDFamily
  • IOKit SCSI
  • Kernel
  • libarchive
  • libc
  • libxml2
  • MobileStorageMounter
  • OpenGL
  • Security
  • WebKit

Note that only 4th generation models are affected by the vulnerabilities.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(94050);
  script_version("1.8");
  script_cvs_date("Date: 2019/02/26  4:50:08");

  script_cve_id(
    "CVE-2011-2895",
    "CVE-2015-7038",
    "CVE-2015-7039",
    "CVE-2015-7040",
    "CVE-2015-7041",
    "CVE-2015-7042",
    "CVE-2015-7043",
    "CVE-2015-7047",
    "CVE-2015-7048",
    "CVE-2015-7051",
    "CVE-2015-7053",
    "CVE-2015-7054",
    "CVE-2015-7055",
    "CVE-2015-7058",
    "CVE-2015-7059",
    "CVE-2015-7060",
    "CVE-2015-7061",
    "CVE-2015-7064",
    "CVE-2015-7065",
    "CVE-2015-7066",
    "CVE-2015-7068",
    "CVE-2015-7072",
    "CVE-2015-7073",
    "CVE-2015-7074",
    "CVE-2015-7075",
    "CVE-2015-7079",
    "CVE-2015-7083",
    "CVE-2015-7084",
    "CVE-2015-7095",
    "CVE-2015-7096",
    "CVE-2015-7097",
    "CVE-2015-7098",
    "CVE-2015-7099",
    "CVE-2015-7100",
    "CVE-2015-7101",
    "CVE-2015-7102",
    "CVE-2015-7103",
    "CVE-2015-7104",
    "CVE-2015-7105",
    "CVE-2015-7109",
    "CVE-2015-7110",
    "CVE-2015-7111",
    "CVE-2015-7112",
    "CVE-2015-7115",
    "CVE-2015-7116"
  );
  script_bugtraq_id(
    49124,
    78719,
    78720,
    78725,
    78726,
    78728,
    78728,
    78732,
    78733,
    78735,
    80379
  );
  script_xref(name:"APPLE-SA", value:"APPLE-SA-2015-12-08-2");
  script_xref(name:"EDB-ID", value:"39357");
  script_xref(name:"EDB-ID", value:"38917");

  script_name(english:"Apple TV < 9.1 Multiple Vulnerabilities");
  script_summary(english:"Checks the build number.");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"According to its banner, the version of the remote Apple TV device is
prior to 9.1. It is, therefore, affected by multiple vulnerabilities
in the following components :

  - AppleMobileFileIntegrity
  - Compression
  - CoreGraphics
  - CoreMedia Playback
  - Disk Images
  - dyld
  - ImageIO
  - IOAcceleratorFamily
  - IOHIDFamily
  - IOKit SCSI
  - Kernel
  - libarchive
  - libc
  - libxml2
  - MobileStorageMounter
  - OpenGL
  - Security
  - WebKit

Note that only 4th generation models are affected by the
vulnerabilities.");
  script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT205640");
  # https://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?951f278f");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Apple TV version 9.1 or later. Note that this update is
available only for 4th generation models.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2015-7116");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2015/12/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/12/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/10/13");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:apple_tv");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("appletv_version.nasl");
  script_require_keys("AppleTV/Version", "AppleTV/Model", "AppleTV/URL", "AppleTV/Port");
  script_require_ports("Services/www", 7000);

  exit(0);
}

include("appletv_func.inc");
include("audit.inc");

url = get_kb_item('AppleTV/URL');
if (empty_or_null(url)) exit(0, 'Cannot determine Apple TV URL.');
port = get_kb_item('AppleTV/Port');
if (empty_or_null(port)) exit(0, 'Cannot determine Apple TV port.');

build = get_kb_item('AppleTV/Version');
if (empty_or_null(build)) audit(AUDIT_UNKNOWN_DEVICE_VER, 'Apple TV');

model = get_kb_item('AppleTV/Model');
if (empty_or_null(model)) exit(0, 'Cannot determine Apple TV model.');

# fix
fixed_build = "13T402";
tvos_ver = "9.1"; # for reporting purposes only

# determine gen from the model
gen = APPLETV_MODEL_GEN[model];

appletv_check_version(
  build        : build,
  fix          : fixed_build,
  affected_gen : 4,
  fix_tvos_ver : tvos_ver,
  model        : model,
  gen          : gen,
  severity     : SECURITY_HOLE,
  port         : port,
  url          : url
);
VendorProductVersionCPE
appleapple_tvcpe:/a:apple:apple_tv

References

Related

nessus 32
prion 44
cve 44
debiancve 2
ubuntucve 13
kaspersky 1
openvas 27
fedora 3
zdt 11
redhat 4
oraclelinux 3
suse 3
freebsd 2
veracode 1
centos 3
securityvulns 2
freebsd_advisory 1
debian 1
ubuntu 1
gentoo 1
nessus
nessus
Apple TV < 9.1 Multiple Vulnerabilities
2016-05-27 00:00:00
Apple iTunes < 12.3.2 Multiple Vulnerabilities (credentialed check)
2015-12-15 00:00:00
Mac OS X : Apple Safari < 9.0.2 Multiple RCE
2015-12-15 00:00:00
prion
prion
Memory corruption
2015-12-11 11:59:00
Memory corruption
2015-12-11 11:59:00
Memory corruption
2015-12-11 12:00:00
cve
cve
CVE-2015-7095
2015-12-11 11:59:00
CVE-2015-7096
2015-12-11 11:59:00
CVE-2015-7048
2015-12-11 11:59:00
debiancve
debiancve
CVE-2015-7096
2015-12-11 11:59:00
CVE-2015-7098
2015-12-11 11:59:00
ubuntucve
ubuntucve
CVE-2015-7102
2015-12-11 00:00:00
CVE-2015-7100
2015-12-11 00:00:00
CVE-2015-7097
2015-12-11 00:00:00
kaspersky
kaspersky
KLA10721 Multiple vulnerabilities in Apple iTunes
2015-12-12 00:00:00
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities-01 (Dec 2015)
2015-12-15 00:00:00
Fedora Update for webkitgtk4 FEDORA-2016-143
2016-02-11 00:00:00
RedHat Update for libXfont RHSA-2011:1154-01
2011-08-12 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: webkitgtk4-2.10.7-1.fc23
2016-02-04 23:25:26
[SECURITY] Fedora 22 Update: webkitgtk4-2.10.7-1.fc22
2016-02-10 10:52:39
[SECURITY] Fedora 22 Update: webkitgtk4-2.10.4-1.fc22
2016-02-01 06:38:54
zdt
zdt
Apple Mac OSX / iOS - Kernel iokit Registry Iterator Manipulation Double-Free
2016-01-28 00:00:00
Apple Mac OSX / iOS - Unsandboxable Kernel Code Exection Due to iokit Double Release in IOKit
2016-01-28 00:00:00
Apple Mac OSX - Kernel no-more-senders Use-After-Free
2016-01-28 00:00:00
redhat
redhat
(RHSA-2011:1161) Moderate: freetype security update
2011-08-15 00:00:00
(RHSA-2011:1834) Important: libXfont security update
2011-12-19 00:00:00
(RHSA-2011:1155) Important: xorg-x11 security update
2011-08-11 00:00:00
oraclelinux
oraclelinux
freetype security update
2011-08-15 00:00:00
xorg-x11 security update
2011-08-12 00:00:00
libXfont security update
2011-08-11 00:00:00
suse
suse
Security update for Xorg X11 (important)
2011-09-13 17:08:18
Security update for Xorg-X11 (important)
2011-12-06 21:08:30
xorg-x11-libs (important)
2011-12-05 18:08:19
freebsd
freebsd
FreeBSD -- errors handling corrupt compress file in compress(1) and gzip(1)
2011-09-28 00:00:00
libXfont -- possible local privilege escalation
2011-07-26 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:01:36
centos
centos
freetype security update
2011-08-16 13:02:42
xorg security update
2011-08-14 20:09:20
libXfont security update
2011-09-02 16:41:15
securityvulns
securityvulns
[USN-1191-1] libXfont vulnerability
2011-08-17 00:00:00
libXfont memory corruption
2013-08-17 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-11:04.compress
2011-09-28 00:00:00
debian
debian
[SECURITY] [DSA 2293-1] libxfont security update
2011-08-12 14:15:28
ubuntu
ubuntu
libXfont vulnerability
2011-08-15 00:00:00
gentoo
gentoo
libXfont: Multiple vulnerabilities
2014-02-21 00:00:00
JSON
Related for APPLETV_9_1.NASL
nessus32prion44cve44debiancve2ubuntucve13kaspersky1openvas27fedora3zdt11redhat4oraclelinux3suse3freebsd2veracode1centos3securityvulns2freebsd_advisory1debian1ubuntu1gentoo1