Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.MACOSX_10_10_5.NASL
HistoryAug 17, 2015 - 12:00 a.m.

Mac OS X 10.10.x < 10.10.5 Multiple Vulnerabilities

2015-08-1700:00:00
This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
www.tenable.com
143
JSON

The remote host is running a version of Mac OS X 10.10.x that is prior to 10.10.5. It is, therefore, affected by multiple vulnerabilities in the following components :

  • apache
  • apache_mod_php
  • Apple ID OD Plug-in
  • AppleGraphicsControl
  • Bluetooth
  • bootp
  • CloudKit
  • CoreMedia Playback
  • CoreText
  • curl
  • Data Detectors Engine
  • Date & Time pref pane
  • Dictionary Application
  • DiskImages
  • dyld
  • FontParser
  • groff
  • ImageIO
  • Install Framework Legacy
  • IOFireWireFamily
  • IOGraphics
  • IOHIDFamily
  • Kernel
  • Libc
  • Libinfo
  • libpthread
  • libxml2
  • libxpc
  • mail_cmds
  • Notification Center OSX
  • ntfs
  • OpenSSH
  • OpenSSL
  • perl
  • PostgreSQL
  • python
  • QL Office
  • Quartz Composer Framework
  • Quick Look
  • QuickTime 7
  • SceneKit
  • Security
  • SMBClient
  • Speech UI
  • sudo
  • tcpdump
  • Text Formats
  • udf

Note that successful exploitation of the most serious issues can result in arbitrary code execution.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(85408);
  script_version("1.15");
  script_cvs_date("Date: 2018/07/16 12:48:31");

  script_cve_id(
    "CVE-2009-5044",
    "CVE-2009-5078",
    "CVE-2012-6685",
    "CVE-2013-1775",
    "CVE-2013-1776",
    "CVE-2013-2776",
    "CVE-2013-2777",
    "CVE-2013-7040",
    "CVE-2013-7338",
    "CVE-2013-7422",
    "CVE-2014-0067",
    "CVE-2014-0106",
    "CVE-2014-0191",
    "CVE-2014-1912",
    "CVE-2014-3581",
    "CVE-2014-3583",
    "CVE-2014-3613",
    "CVE-2014-3620",
    "CVE-2014-3660",
    "CVE-2014-3707",
    "CVE-2014-7185",
    "CVE-2014-7844",
    "CVE-2014-8109",
    "CVE-2014-8150",
    "CVE-2014-8151",
    "CVE-2014-8161",
    "CVE-2014-8767",
    "CVE-2014-8769",
    "CVE-2014-9140",
    "CVE-2014-9365",
    "CVE-2014-9680",
    "CVE-2015-0228",
    "CVE-2015-0241",
    "CVE-2015-0242",
    "CVE-2015-0243",
    "CVE-2015-0244",
    "CVE-2015-0253",
    "CVE-2015-1788",
    "CVE-2015-1789",
    "CVE-2015-1790",
    "CVE-2015-1791",
    "CVE-2015-1792",
    "CVE-2015-2783",
    "CVE-2015-2787",
    "CVE-2015-3143",
    "CVE-2015-3144",
    "CVE-2015-3145",
    "CVE-2015-3148",
    "CVE-2015-3153",
    "CVE-2015-3183",
    "CVE-2015-3185",
    "CVE-2015-3307",
    "CVE-2015-3329",
    "CVE-2015-3330",
    "CVE-2015-3729",
    "CVE-2015-3730",
    "CVE-2015-3731",
    "CVE-2015-3732",
    "CVE-2015-3733",
    "CVE-2015-3734",
    "CVE-2015-3735",
    "CVE-2015-3736",
    "CVE-2015-3737",
    "CVE-2015-3738",
    "CVE-2015-3739",
    "CVE-2015-3740",
    "CVE-2015-3741",
    "CVE-2015-3742",
    "CVE-2015-3743",
    "CVE-2015-3744",
    "CVE-2015-3745",
    "CVE-2015-3746",
    "CVE-2015-3747",
    "CVE-2015-3748",
    "CVE-2015-3749",
    "CVE-2015-3750",
    "CVE-2015-3751",
    "CVE-2015-3752",
    "CVE-2015-3753",
    "CVE-2015-3754",
    "CVE-2015-3755",
    "CVE-2015-3757",
    "CVE-2015-3760",
    "CVE-2015-3761",
    "CVE-2015-3762",
    "CVE-2015-3764",
    "CVE-2015-3765",
    "CVE-2015-3766",
    "CVE-2015-3767",
    "CVE-2015-3768",
    "CVE-2015-3769",
    "CVE-2015-3770",
    "CVE-2015-3771",
    "CVE-2015-3772",
    "CVE-2015-3773",
    "CVE-2015-3774",
    "CVE-2015-3775",
    "CVE-2015-3776",
    "CVE-2015-3777",
    "CVE-2015-3778",
    "CVE-2015-3779",
    "CVE-2015-3780",
    "CVE-2015-3781",
    "CVE-2015-3782",
    "CVE-2015-3783",
    "CVE-2015-3784",
    "CVE-2015-3786",
    "CVE-2015-3787",
    "CVE-2015-3788",
    "CVE-2015-3789",
    "CVE-2015-3790",
    "CVE-2015-3791",
    "CVE-2015-3792",
    "CVE-2015-3794",
    "CVE-2015-3795",
    "CVE-2015-3796",
    "CVE-2015-3797",
    "CVE-2015-3798",
    "CVE-2015-3799",
    "CVE-2015-3800",
    "CVE-2015-3802",
    "CVE-2015-3803",
    "CVE-2015-3804",
    "CVE-2015-3805",
    "CVE-2015-3806",
    "CVE-2015-3807",
    "CVE-2015-4021",
    "CVE-2015-4022",
    "CVE-2015-4024",
    "CVE-2015-4025",
    "CVE-2015-4026",
    "CVE-2015-4147",
    "CVE-2015-4148",
    "CVE-2015-5600",
    "CVE-2015-5747",
    "CVE-2015-5748",
    "CVE-2015-5750",
    "CVE-2015-5751",
    "CVE-2015-5753",
    "CVE-2015-5754",
    "CVE-2015-5755",
    "CVE-2015-5756",
    "CVE-2015-5757",
    "CVE-2015-5758",
    "CVE-2015-5761",
    "CVE-2015-5763",
    "CVE-2015-5768",
    "CVE-2015-5771",
    "CVE-2015-5772",
    "CVE-2015-5773",
    "CVE-2015-5774",
    "CVE-2015-5775",
    "CVE-2015-5776",
    "CVE-2015-5777",
    "CVE-2015-5778",
    "CVE-2015-5779",
    "CVE-2015-5781",
    "CVE-2015-5782",
    "CVE-2015-5783",
    "CVE-2015-5784"
  );
  script_bugtraq_id(
    36381,
    58203,
    58207,
    62741,
    64194,
    65179,
    65379,
    65721,
    65997,
    67233,
    69742,
    69748,
    70089,
    70644,
    70988,
    71150,
    71153,
    71468,
    71639,
    71656,
    71657,
    71701,
    71964,
    72538,
    72540,
    72542,
    72543,
    72649,
    72981,
    73040,
    73041,
    73357,
    73431,
    74174,
    74204,
    74239,
    74240,
    74299,
    74300,
    74301,
    74303,
    74408,
    74700,
    74703,
    74902,
    74903,
    74904,
    75056,
    75103,
    75154,
    75156,
    75157,
    75158,
    75161,
    75704,
    75963,
    75964,
    75965,
    75990,
    76337,
    76338,
    76339,
    76340,
    76341,
    76342,
    76343,
    76344
  );
  script_xref(name:"APPLE-SA", value:"APPLE-SA-2015-08-13-2");

  script_name(english:"Mac OS X 10.10.x < 10.10.5 Multiple Vulnerabilities");
  script_summary(english:"Checks the version of Mac OS X.");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a Mac OS X update that fixes multiple
security vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The remote host is running a version of Mac OS X 10.10.x that is prior
to 10.10.5. It is, therefore, affected by multiple vulnerabilities in
the following components :

  - apache
  - apache_mod_php
  - Apple ID OD Plug-in
  - AppleGraphicsControl
  - Bluetooth
  - bootp
  - CloudKit
  - CoreMedia Playback
  - CoreText
  - curl
  - Data Detectors Engine
  - Date & Time pref pane
  - Dictionary Application
  - DiskImages
  - dyld
  - FontParser
  - groff
  - ImageIO
  - Install Framework Legacy
  - IOFireWireFamily
  - IOGraphics
  - IOHIDFamily
  - Kernel
  - Libc
  - Libinfo
  - libpthread
  - libxml2
  - libxpc
  - mail_cmds
  - Notification Center OSX
  - ntfs
  - OpenSSH
  - OpenSSL
  - perl
  - PostgreSQL
  - python
  - QL Office
  - Quartz Composer Framework
  - Quick Look
  - QuickTime 7
  - SceneKit
  - Security
  - SMBClient
  - Speech UI
  - sudo
  - tcpdump
  - Text Formats
  - udf 

Note that successful exploitation of the most serious issues can
result in arbitrary code execution.");
  script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT205031");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Mac OS X 10.10.5 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Apple OS X DYLD_PRINT_TO_FILE Privilege Escalation');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:'CANVAS');

  script_set_attribute(attribute:"vuln_publication_date", value:"2009/07/24");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/08/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/08/17");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.");

  script_dependencies("ssh_get_info.nasl", "os_fingerprint.nasl");
  script_require_ports("Host/MacOSX/Version", "Host/OS");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

os = get_kb_item("Host/MacOSX/Version");
if (!os)
{
  os = get_kb_item_or_exit("Host/OS");
  if ("Mac OS X" >!< os) audit(AUDIT_OS_NOT, "Mac OS X");

  c = get_kb_item("Host/OS/Confidence");
  if (c <= 70) exit(1, "Can't determine the host's OS with sufficient confidence.");
}
if (!os) audit(AUDIT_OS_NOT, "Mac OS X");

match = eregmatch(pattern:"Mac OS X ([0-9]+(\.[0-9]+)+)", string:os);
if (isnull(match)) exit(1, "Failed to parse the Mac OS X version ('" + os + "').");

version = match[1];
if (!ereg(pattern:"^10\.10([^0-9]|$)", string:version)) audit(AUDIT_OS_NOT, "Mac OS X 10.10", "Mac OS X "+version);

fixed_version = "10.10.5";
if (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)
{
  if (report_verbosity > 0)
    {
      report = '\n  Installed version : ' + version +
               '\n  Fixed version     : ' + fixed_version +
               '\n';
      security_hole(port:0, extra:report);
    }
    else security_hole(0);
    exit(0);
}
else exit(0, "The host is not affected since it is running Mac OS X "+version+".");
VendorProductVersionCPE
applemac_os_xcpe:/o:apple:mac_os_x

References

Related

securityvulns 14
nessus 60
openvas 50
apple 2
prion 10
cve 10
osv 3
fedora 7
debian 3
ibm 7
amazon 4
redhat 5
oraclelinux 5
freebsd 3
kaspersky 1
centos 3
mageia 2
veracode 4
ubuntu 2
slackware 1
threatpost 1
gentoo 1
archlinux 1
securityvulns
securityvulns
APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006
2015-08-17 00:00:00
Apple Mac OS X / OS X Server multiple security vulnerabilities
2015-08-17 00:00:00
Apple Safari / Webkit multiple security vulnerabilities
2015-08-17 00:00:00
nessus
nessus
Mac OS X < 10.10.5 Multiple Vulnerabilities
2015-10-16 00:00:00
Mac OS X Multiple Vulnerabilities (Security Update 2015-006)
2015-08-17 00:00:00
Apple TV < 7.2.1 Multiple Vulnerabilities
2016-04-04 00:00:00
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities-03 (Oct 2015)
2015-10-29 00:00:00
Apple Safari Multiple Vulnerabilities-01 (Sep 2015) - Mac OS X
2015-09-01 00:00:00
Debian: Security Advisory (DSA-3280-1)
2015-06-06 00:00:00
apple
apple
About the security content of Apple TV 7.2.1
2016-02-25 00:00:00
About the security content of Apple TV 7.2.1 - Apple Support
2017-01-23 03:54:31
prion
prion
Memory corruption
2015-08-17 00:00:00
Memory corruption
2015-08-16 23:59:00
Memory corruption
2015-08-16 23:59:00
cve
cve
CVE-2015-5753
2015-08-17 00:00:00
CVE-2015-3765
2015-08-16 23:59:00
CVE-2015-3788
2015-08-16 23:59:00
osv
osv
php5 - security update
2015-06-07 00:00:00
postgresql-8.4 - new minor release
2015-02-12 00:00:00
postgresql-9.1 - security update
2015-02-06 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: mingw-curl-7.42.0-1.fc21
2015-05-04 15:28:35
[SECURITY] Fedora 21 Update: httpd-2.4.16-1.fc21
2015-07-30 00:52:03
[SECURITY] Fedora 21 Update: curl-7.37.0-14.fc21
2015-05-02 18:11:42
debian
debian
[SECURITY] [DSA 3280-1] php5 security update
2015-06-07 17:06:52
[SECURITY] [DLA-152-1] postgresql-8.4 update
2015-02-12 11:10:32
[SECURITY] [DSA 3155-1] postgresql-9.1 security update
2015-02-06 13:30:32
ibm
ibm
Security Bulletin: Vulnerabilities in curl affect IBM Security Network Intrusion Prevention System
2022-02-23 19:48:26
Security Bulletin: Multiple vulnerabilities in curl affect IBM Flex System Manager (FSM)
2018-06-18 01:30:20
Security Bulletin: Vulnerabilities in curl affect Power Hardware Management Console (CVE-2015-3143 CVE-2015-3148 CVE-2015-3153 CVE-2014-3613 CVE-2014-3707 CVE-2014-8150)
2021-09-23 01:31:39
amazon
amazon
Medium: postgresql92
2015-03-13 02:37:00
Medium: php55
2015-06-02 22:21:00
Medium: postgresql8
2015-04-15 21:47:00
redhat
redhat
(RHSA-2015:2159) Moderate: curl security, bug fix, and enhancement update
2015-11-19 14:41:12
(RHSA-2015:1254) Moderate: curl security, bug fix, and enhancement update
2015-07-22 05:29:46
(RHSA-2015:0750) Moderate: postgresql security update
2015-03-30 00:00:00
oraclelinux
oraclelinux
curl security, bug fix, and enhancement update
2015-11-23 00:00:00
curl security, bug fix, and enhancement update
2015-07-28 00:00:00
sudo security and bug fix update
2013-10-02 00:00:00
freebsd
freebsd
PostgreSQL -- multiple buffer overflows and memory issues
2015-02-05 00:00:00
apache24 -- multiple vulnerabilities
2015-02-04 00:00:00
php -- multiple vulnerabilities
2015-05-14 00:00:00
kaspersky
kaspersky
KLA10653 Code execution vulnerability in QuickTime
2015-05-18 00:00:00
centos
centos
curl, libcurl security update
2015-07-26 14:12:23
curl, libcurl security update
2015-11-30 19:26:37
postgresql security update
2015-03-30 13:25:17
mageia
mageia
Updated postgresql packages fix security vulnerabilities
2015-02-17 21:38:13
Updated php packages fix security vulnerabilities
2015-05-18 22:08:05
veracode
veracode
CRLF Injection
2019-05-02 05:40:50
Buffer Overflow
2019-05-02 05:12:40
SQL Injection
2019-05-02 05:12:40
ubuntu
ubuntu
curl vulnerabilities
2015-04-30 00:00:00
PostgreSQL vulnerabilities
2015-02-11 00:00:00
slackware
slackware
[slackware-security] openssl
2015-06-11 23:01:09
threatpost
threatpost
August 2015 Apple QuickTime Security Patches
2015-08-21 09:34:29
gentoo
gentoo
sudo: Privilege escalation
2014-01-21 00:00:00
archlinux
archlinux
postgresql: multiple issues
2015-02-06 00:00:00
JSON
Related for MACOSX_10_10_5.NASL
securityvulns14nessus60openvas50apple2prion10cve10osv3fedora7debian3ibm7amazon4redhat5oraclelinux5freebsd3kaspersky1centos3mageia2veracode4ubuntu2slackware1threatpost1gentoo1archlinux1