Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.MACOSX_10_11_3.NASL
HistoryJan 21, 2016 - 12:00 a.m.

Mac OS X 10.11.x < 10.11.3 Multiple Vulnerabilities

2016-01-2100:00:00
This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
18
JSON

The remote host is running a version of Mac OS X that is 10.11.x prior to 10.11.3. It is, therefore, affected by multiple vulnerabilities in the following components :

  • AppleGraphicsPowerManagement
  • Disk Images
  • IOAcceleratorFamily
  • IOHIDFamily
  • IOKit
  • Kernel
  • libxslt
  • OSA Scripts
  • syslog

Note that successful exploitation of the most serious issues can result in arbitrary code execution.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(88047);
  script_version("1.11");
  script_cvs_date("Date: 2019/11/20");

  script_cve_id(
    "CVE-2015-7995",
    "CVE-2016-1716",
    "CVE-2016-1717",
    "CVE-2016-1718",
    "CVE-2016-1719",
    "CVE-2016-1720",
    "CVE-2016-1721",
    "CVE-2016-1722",
    "CVE-2016-1729"
  );
  script_xref(name:"APPLE-SA", value:"APPLE-SA-2016-01-19-2");

  script_name(english:"Mac OS X 10.11.x < 10.11.3 Multiple Vulnerabilities");
  script_summary(english:"Checks the version of Mac OS X.");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a Mac OS X update that fixes multiple
security vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The remote host is running a version of Mac OS X that is 10.11.x prior
to 10.11.3. It is, therefore, affected by multiple vulnerabilities in
the following components :

  - AppleGraphicsPowerManagement
  - Disk Images
  - IOAcceleratorFamily
  - IOHIDFamily
  - IOKit
  - Kernel
  - libxslt
  - OSA Scripts
  - syslog

Note that successful exploitation of the most serious issues can
result in arbitrary code execution.");
  script_set_attribute(attribute:"see_also", value:"https://support.apple.com/en-us/HT205731");
  # https://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e3fa4477");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Mac OS X version 10.11.3 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-1729");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2016/01/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2016/01/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/01/21");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl", "os_fingerprint.nasl");
  script_require_ports("Host/MacOSX/Version", "Host/OS");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

os = get_kb_item("Host/MacOSX/Version");
if (!os)
{
  os = get_kb_item_or_exit("Host/OS");
  if ("Mac OS X" >!< os) audit(AUDIT_OS_NOT, "Mac OS X");

  c = get_kb_item("Host/OS/Confidence");
  if (c <= 70) exit(1, "Cannot determine the host's OS with sufficient confidence.");
}
if (!os) audit(AUDIT_OS_NOT, "Mac OS X");

match = eregmatch(pattern:"Mac OS X ([0-9]+(\.[0-9]+)+)", string:os);
if (isnull(match)) exit(1, "Failed to parse the Mac OS X version ('" + os + "').");

version = match[1];

if (
  version !~ "^10\.11([^0-9]|$)"
) audit(AUDIT_OS_NOT, "Mac OS X 10.11 or later", "Mac OS X "+version);

fixed_version = "10.11.3";
if (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)
{
  if (report_verbosity > 0)
    {
      report = '\n  Installed version : ' + version +
               '\n  Fixed version     : ' + fixed_version +
               '\n';
      security_hole(port:0, extra:report);
    }
    else security_hole(0);
    exit(0);
}
else exit(0, "The host is not affected since it is running Mac OS X "+version+".");
VendorProductVersionCPE
applemac_os_xcpe:/o:apple:mac_os_x

Related

apple 10
openvas 17
nessus 21
archlinux 1
cve 9
debiancve 1
freebsd 1
ubuntucve 1
prion 9
slackware 1
mageia 1
zdt 8
zdi 1
osv 7
debian 3
ibm 1
rubygems 1
ubuntu 1
rosalinux 1
androidsecurity 1
tenable 1
apple
apple
About the security content of OS X El Capitan 10.11.3 and Security Update 2016-001
2016-01-19 00:00:00
About the security content of OS X El Capitan 10.11.3 and Security Update 2016-001 - Apple Support
2016-01-19 06:29:30
About the security content of tvOS 9.1.1
2016-01-25 00:00:00
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities-01 (Feb 2016)
2016-02-03 00:00:00
Mageia: Security Advisory (MGASA-2015-0432)
2015-11-08 00:00:00
Slackware: Security Advisory (SSA:2016-148-02)
2022-04-21 00:00:00
nessus
nessus
Apple TV < 9.1.1 Multiple Vulnerabilities
2016-05-27 00:00:00
Apple TV < 9.1.1 Multiple Vulnerabilities
2016-01-27 00:00:00
Slackware 14.0 / 14.1 / current : libxslt (SSA:2016-148-02)
2016-05-31 00:00:00
archlinux
archlinux
libxslt: denial of service
2016-01-13 00:00:00
cve
cve
CVE-2015-7995
2015-11-17 15:59:00
CVE-2016-1716
2016-02-01 11:59:00
CVE-2016-1717
2016-02-01 11:59:00
debiancve
debiancve
CVE-2015-7995
2015-11-17 15:59:00
freebsd
freebsd
libxslt -- DoS vulnerability due to type confusing error
2015-10-29 00:00:00
ubuntucve
ubuntucve
CVE-2015-7995
2015-11-17 00:00:00
prion
prion
Type confusion
2015-11-17 15:59:00
Memory corruption
2016-02-01 11:59:00
Memory corruption
2016-02-01 11:59:00
slackware
slackware
[slackware-security] libxslt
2016-05-27 23:33:32
mageia
mageia
Updated libxslt packages fix security vulnerability
2015-11-06 01:46:03
zdt
zdt
iOS Kernel - AppleOscarCompass Use-After-Free
2016-01-28 00:00:00
iOS Kernel - AppleOscarAccelerometer Use-After-Free
2016-01-28 00:00:00
Apple Mac OSX / iOS - Multiple Kernel Uninitialized Variable Bugs Leading to Code Execution
2016-01-28 00:00:00
zdi
zdi
Apple OS X IOAcceleratorFamily2 Out-Of-Bounds Indexing Privilege Escalation Vulnerability
2016-01-22 00:00:00
osv
osv
CVE-2017-5029
2017-04-24 23:59:00
CVE-2019-11068
2019-04-10 20:29:01
CVE-2019-13118
2019-07-01 02:15:09
debian
debian
[SECURITY] [DSA 3605-1] libxslt security update
2016-06-19 05:00:31
[SECURITY] [DLA 514-1] libxslt security update
2016-06-12 21:50:20
[SECURITY] [DSA 3605-1] libxslt security update
2016-06-19 05:00:31
ibm
ibm
Security Bulletin: Vulnerabilities in libxslt affect IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter Systems
2023-04-14 14:32:25
rubygems
rubygems
Nokogiri gem contains several vulnerabilities in libxml2 and libxslt
2015-04-13 21:00:00
ubuntu
ubuntu
Libxslt vulnerabilities
2017-04-28 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1906
2021-07-02 17:26:03
androidsecurity
androidsecurity
Android Security Bulletinβ€”June 2017
2017-06-05 00:00:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47
JSON
Related for MACOSX_10_11_3.NASL
apple10openvas17nessus21archlinux1cve9debiancve1freebsd1ubuntucve1prion9slackware1mageia1zdt8zdi1osv7debian3ibm1rubygems1ubuntu1rosalinux1androidsecurity1tenable1