Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2011-2018 Tenable Network Security, Inc.ITUNES_10_5_BANNER.NASL
HistoryOct 12, 2011 - 12:00 a.m.

Apple iTunes < 10.5 Multiple Vulnerabilities (uncredentialed check)

2011-10-1200:00:00
This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
www.tenable.com
20

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.969 High

EPSS

Percentile

99.7%

JSON

The version of Apple iTunes on the remote host is prior to version 10.5. It is, therefore, affected by multiple vulnerabilities in the CoreAudio, CoreFoundation, CoreMedia, ColorSync, ImageIO, and WebKit components. Note that these only affect iTunes for Windows.

#
# (C) Tenable Network Security, Inc.
#

if (NASL_LEVEL < 3000) exit(0);    # Avoid problems with large number of xrefs.


include("compat.inc");


if (description)
{
  script_id(56470);
  script_version("1.48");
  script_cvs_date("Date: 2018/11/15 20:50:24");

  script_cve_id(
    "CVE-2010-1823",
    "CVE-2011-0164",
    "CVE-2011-0200",
    "CVE-2011-0204",
    "CVE-2011-0215",
    "CVE-2011-0218",
    "CVE-2011-0221",
    "CVE-2011-0222",
    "CVE-2011-0223",
    "CVE-2011-0225",
    "CVE-2011-0232",
    "CVE-2011-0233",
    "CVE-2011-0234",
    "CVE-2011-0235",
    "CVE-2011-0237",
    "CVE-2011-0238",
    "CVE-2011-0240",
    "CVE-2011-0253",
    "CVE-2011-0254",
    "CVE-2011-0255",
    "CVE-2011-0259",
    "CVE-2011-0981",
    "CVE-2011-0983",
    "CVE-2011-1109",
    "CVE-2011-1114",
    "CVE-2011-1115",
    "CVE-2011-1117",
    "CVE-2011-1121",
    "CVE-2011-1188",
    "CVE-2011-1203",
    "CVE-2011-1204",
    "CVE-2011-1288",
    "CVE-2011-1293",
    "CVE-2011-1296",
    "CVE-2011-1440",
    "CVE-2011-1449",
    "CVE-2011-1451",
    "CVE-2011-1453",
    "CVE-2011-1457",
    "CVE-2011-1462",
    "CVE-2011-1774",
    "CVE-2011-1797",
    "CVE-2011-2338",
    "CVE-2011-2339",
    "CVE-2011-2341",
    "CVE-2011-2351",
    "CVE-2011-2352",
    "CVE-2011-2354",
    "CVE-2011-2356",
    "CVE-2011-2359",
    "CVE-2011-2788",
    "CVE-2011-2790",
    "CVE-2011-2792",
    "CVE-2011-2797",
    "CVE-2011-2799",
    "CVE-2011-2809",
    "CVE-2011-2811",
    "CVE-2011-2813",
    "CVE-2011-2814",
    "CVE-2011-2815",
    "CVE-2011-2816",
    "CVE-2011-2817",
    "CVE-2011-2818",
    "CVE-2011-2820",
    "CVE-2011-2823",
    "CVE-2011-2827",
    "CVE-2011-2831",
    "CVE-2011-3219",
    "CVE-2011-3232",
    "CVE-2011-3233",
    "CVE-2011-3234",
    "CVE-2011-3235",
    "CVE-2011-3236",
    "CVE-2011-3237",
    "CVE-2011-3238",
    "CVE-2011-3239",
    "CVE-2011-3241",
    "CVE-2011-3244",
    "CVE-2011-3252"
  );
  script_bugtraq_id(
    46262,
    46614,
    46785,
    47029,
    47604,
    48437,
    48479,
    48840,
    48856,
    48960,
    49279,
    49658,
    49850,
    50065,
    50066,
    50067,
    50068
  );
  script_xref(name:"MSVR", value:"MSVR11-001");

  script_name(english:"Apple iTunes < 10.5 Multiple Vulnerabilities (uncredentialed check)");
  script_summary(english:"Checks the version of iTunes.");

  script_set_attribute(attribute:"synopsis", value:
"The remote host contains a multimedia application that has multiple
vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Apple iTunes on the remote host is prior to version
10.5. It is, therefore, affected by multiple vulnerabilities in the
CoreAudio, CoreFoundation, CoreMedia, ColorSync, ImageIO, and WebKit
components. Note that these only affect iTunes for Windows.");
  script_set_attribute(attribute:"see_also", value:"http://www.zerodayinitiative.com/advisories/ZDI-11-303/");
  script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-11-304/");
  script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT4981");
  script_set_attribute(attribute:"see_also", value:"https://lists.apple.com/archives/security-announce/2011/Oct/msg00000.html");
  script_set_attribute(attribute:"solution", value:"Upgrade to Apple iTunes 10.5 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploithub_sku", value:"EH-11-678");
  script_set_attribute(attribute:"exploit_framework_exploithub", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Apple Safari Webkit libxslt Arbitrary File Creation');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:'White_Phosphorus');

script_set_attribute(attribute:"vuln_publication_date", value:"2011/10/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2011/10/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2011/10/12");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:apple:itunes");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);

  script_family(english:"Peer-To-Peer File Sharing");

  script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.");

  script_dependencies("itunes_sharing.nasl");
  script_require_keys("iTunes/sharing");
  script_require_ports("Services/www", 3689);

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("http.inc");

port = get_http_port(default:3689, embedded:TRUE, ignore_broken:TRUE);

get_kb_item_or_exit("iTunes/" + port + "/enabled");

type = get_kb_item_or_exit("iTunes/" + port + "/type");
source = get_kb_item_or_exit("iTunes/" + port + "/source");
version = get_kb_item_or_exit("iTunes/" + port + "/version");

if (type != 'Windows') audit(AUDIT_OS_NOT, "Windows");

fixed_version = "10.5";

if (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)
{
  if (report_verbosity > 0)
  {
    report = '\n  Version source    : ' + source +
             '\n  Installed version : ' + version +
             '\n  Fixed version     : ' + fixed_version + '\n';
    security_hole(port:port, extra:report);
  }
  else security_hole(port);
}
else audit(AUDIT_LISTEN_NOT_VULN, "iTunes", port, version);
VendorProductVersionCPE
appleitunescpe:/a:apple:itunes

References

Related

seebug 3
securityvulns 17
nessus 9
openvas 17
debian 6
osv 3
debiancve 9
cve 28
prion 27
nvd 28
cvelist 27
zdi 2
ubuntucve 22
checkpoint_advisories 1
seebug
seebug
Apple iTunes多个安全漏洞
2011-10-13 00:00:00
Apple Safari 5.1和5.0.6之前版本多个安全漏洞
2011-07-22 00:00:00
Apple Mac OS X CoreMedia H.264编码视频文件缓冲区溢出漏洞
2011-10-27 00:00:00
securityvulns
securityvulns
Apple iTunes multiple security vulnerabilities
2011-10-16 00:00:00
APPLE-SA-2011-10-11-1 iTunes 10.5
2011-10-16 00:00:00
Apple Safari / WebKit multiple security vulnerabilities
2011-10-15 00:00:00
nessus
nessus
Apple iTunes < 10.5 Multiple Vulnerabilities (credentialed check)
2011-10-12 00:00:00
Safari < 5.1.1 Multiple Vulnerabilities
2011-10-13 00:00:00
Mac OS X : Apple Safari < 5.1.1
2011-10-13 00:00:00
openvas
openvas
Apple iTunes Multiple Vulnerabilities (Oct 2011)
2011-10-20 00:00:00
Apple iTunes Multiple Vulnerabilities - Oct 11
2011-10-20 00:00:00
Apple Safari Multiple Vulnerabilities - Oct 2011 (Windows)
2012-05-24 00:00:00
debian
debian
[SECURITY] [DSA 2189-1] chromium-browser security update
2011-03-10 17:22:58
[SECURITY] [DSA 2189-1] chromium-browser security update
2011-03-10 17:22:58
[SECURITY] [DSA 2245-1] chromium-browser security update
2011-05-29 10:50:22
osv
osv
chromium-browser - several
2011-03-10 00:00:00
chromium-browser - several vulnerabilities
2011-05-29 00:00:00
chromium-browser - several
2011-09-11 00:00:00
debiancve
debiancve
CVE-2011-2359
2011-08-03 00:55:00
CVE-2011-1449
2011-05-03 22:55:00
CVE-2011-2823
2011-08-29 15:55:00
cve
cve
CVE-2011-2354
2011-10-12 18:55:01
CVE-2011-3237
2011-10-12 18:55:02
CVE-2011-1288
2011-07-21 23:55:02
prion
prion
Memory corruption
2011-10-12 18:55:00
Design/Logic Flaw
2011-05-03 22:55:00
Memory corruption
2011-10-12 18:55:00
nvd
nvd
CVE-2011-2351
2011-06-29 17:55:04
CVE-2011-1288
2011-07-21 23:55:02
CVE-2011-3219
2011-10-12 18:55:01
cvelist
cvelist
CVE-2011-2351
2011-06-29 17:00:00
CVE-2011-1449
2011-05-03 22:00:00
CVE-2011-2352
2011-10-12 18:00:00
zdi
zdi
Apple QuickTime H264 Stream frame_cropping Remote Code Execution Vulnerability
2011-10-26 00:00:00
Apple Safari Webkit SVG Marker Remote Code Execution Vulnerability
2011-07-27 00:00:00
ubuntucve
ubuntucve
CVE-2011-2823
2011-08-29 00:00:00
CVE-2011-3244
2011-10-12 00:00:00
CVE-2011-2352
2011-10-12 00:00:00
checkpoint_advisories
checkpoint_advisories
Google Chrome and Apple Safari Apple Webkit Ruby Memory Corruption - Ver2 (CVE-2011-1440)
2014-03-31 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.969 High

EPSS

Percentile

99.7%

JSON
Related for ITUNES_10_5_BANNER.NASL
seebug3securityvulns17nessus9openvas17debian6osv3debiancve9cve28prion27nvd28cvelist27zdi2ubuntucve22checkpoint_advisories1