Mac OS X Airport Update 2007-001

#TRUSTED 5bf106417ac935260bae4649e08f16a5b60668373eebc0653309379fe87f64ed1c130422240b38d83f40964377e7321e23322c2fb1a4080fefb46761056d9e3f5535f979323147871e3d2f1e2a28bea5fe1fa34113f800fb9708ebe430d3ba0bbec94ca1a15c140e20074a29dac211b90d072b07a6342f4f794ac1aeb9b969967b9d6d3153c758b02f3f50e474cf07e36e6e5f12f5ceb37c40b22c18fc473eefc21e9568daf5d596c526d8f16bcf59862ee40fb3b67a2776a21091ad097bcf29d8c3ca8f0ebe6c0470b75a70069c7d31b90cf9267c53264005257cbbe40e4e741682e1fe4d7f46f67dfa504971ace25dfa95f0bdfaffce3da1b326a463ab8a5d04ca84747bd47f88c41d0a900cc0fcebb767fdd89611aa673bec5d9ff9147244c01aa8d2668a6617d0553250a2f9fb59199e8c357a6fc4f222090851fd51491a9d916aa9ec5f1e1eced43cf2fa4e007643e9f646fbcf3fd4b81f2ca51c3fd2c1e3d9842a5116391c630fb57f5db793f7ae3418a3f43a73d833d15d8a21fb2613e2b11716e302df5e103e91713fbe7eb3ad1019eb4e3540672f0586c33d8e9fbd0fc9b5f80fe6319c2129282e4280130e3c40836994407d08cd6f3332c9a5c4993ea20f14a56c07d3633a35668a6eb8066e91a0996620b30f293640640bde0bf16e71b840d9c76ef17f02d4b82287648f60e778a88d3b006f6ff09a7e9bd15143
#TRUST-RSA-SHA256 599c3a4da1a25a4fa2d6a7ae0d96931d21b26c95280264943826d37c71fd3ac362ade3ffcdbcbdfdd38a284f3c3b2abbe21deebf1faacf5cfb15590a33831c625dca8bfa749d6aba4bd1f65d26f8ec9513146ceb9f71807d89f705b20393f1e72b0e1466edceac204abc0f81d81d722958d16d89d909d8fbcd184609810c565dd7262bc009cd3c95cf8ef1fc7a4c0dae770889b8b521820949bfcd58d529c033b9fea31cd8cc31cd3e3240f5cd55775ef2e971911063512bb24e599ae51dffe6e21cacaae7767a9713115e51665eda4c225020820255317812038152586ee675b6dab8ba5d907b6d1bf7ffac40fb4951239a9fe25d4b63db79c1a5baa7e8cb804b136da3783f71dc34b2b75b20d3feda0ad241e222a2dca1c92d8e80c3b751b64029f79fd66183d1b64fe18857bec50ec2905a3a45671bea990fc8ff910563de8573d9f5f1dd0b65f33aaa568f98eb0c0a83282a24401005c0bcc9bc64fb741f5ca2fc88c171557d6317118b6cca170c0eedd18aa8b7027fc99f3654fc3110c561d655e9201a83a9173bc4de3b80d6d94e9675a037b9a7081764382e1d9d276deb14fc9289f483cf51f35e50d56d8b1785f05405d2416a95831e3e2f1820e9c46b034c9143e7f813ec86729d6a45f5b6e971f4a8e34120928a85e27bd9701b6b746d34994e4840e1cd7cf5a3ac9af5e6cc4d426e77732cd9a6e279ee5b3d88b9
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
 script_id(24241);
 script_version("1.21");
 script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/27");

 script_cve_id("CVE-2006-6292");
 script_bugtraq_id(21383);

 script_name(english:"Mac OS X Airport Update 2007-001");
 script_summary(english:"Check for the presence of the SecUpdate 2007-001");

 script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a Mac OS X update that fixes a security
issue.");
 script_set_attribute(attribute:"description", value:
"The remote host is running a version of Mac OS X 10.4 that does not have
Airport Update 2007-001 applied.

This update fixes a flaw in the wireless drivers that may allow an
attacker to crash a host by sending a malformed frame.");
 script_set_attribute(attribute:"solution", value:
"Install Airport Update 2007-001 :

http://www.nessus.org/u?0af16cb0");
 script_set_attribute(attribute:"see_also", value:"http://docs.info.apple.com/article.html?artnum=305031");
 script_set_cvss_base_vector("CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
 script_set_attribute(attribute:"cvss_score_source", value:"CVE-2006-6292");
 script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"false");

 script_set_attribute(attribute:"vuln_publication_date", value:"2006/11/30");
 script_set_attribute(attribute:"patch_publication_date", value:"2007/01/24");
 script_set_attribute(attribute:"plugin_publication_date", value:"2007/01/26");

 script_set_attribute(attribute:"plugin_type", value:"local");
 script_end_attributes();

 script_category(ACT_GATHER_INFO);

 script_copyright(english:"This script is Copyright (C) 2007-2023 Tenable Network Security, Inc.");
 script_family(english:"MacOS X Local Security Checks");

 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/MacOSX/packages");
 exit(0);
}

include("misc_func.inc");
include("ssh_func.inc");
include("macosx_func.inc");


enable_ssh_wrappers();

function exec(cmd)
{
 local_var ret, buf;

 if ( islocalhost() )
  buf = pread_wrapper(cmd:"/bin/bash", argv:make_list("bash", "-c", cmd));
 else
 {
  ret = ssh_open_connection();
  if ( ! ret ) exit(0);
  buf = ssh_cmd(cmd:cmd);
  ssh_close_connection();
 }


 buf = chomp(buf);
 return buf;
}

uname = get_kb_item("Host/uname");
if ( ! uname ) exit(0);
if ( ! egrep(pattern:"Darwin.* (8\.)", string:uname) ) exit(0);

packages = get_kb_item("Host/MacOSX/packages");
if ( ! packages ) exit(0);
if (
  "AirPortExtremeUpdate2007001.pkg" >< packages ||
  "AirPortExtremeUpdate2007002.pkg" >< packages ||
  "AirPortExtremeUpdate2007003.pkg" >< packages ||
  "AirPortExtremeUpdate2007004.pkg" >< packages ||
  "AirPortExtremeUpdate200800" >< packages
) exit(0);

buf = exec(cmd:"system_profiler SPHardwareDataType");
if ( ! buf )exit(0);
if ("Intel Core Duo" >!< buf ) exit(0); # Only Core [1] Duo affected


cmd = _GetBundleVersionCmd(file:"AirPortAtheros5424.kext", path:"/System/Library/Extensions/IO80211Family.kext/Contents/PlugIns", label:"SourceVersion");
buf = exec(cmd:cmd);
if ( strlen(buf) && buf =~ "^[0-9]" && int(buf) < 2214600 ) { security_warning(0); exit(0); }

cmd = _GetBundleVersionCmd(file:"AppleAirPortBrcm4311.kext", path:"/System/Library/Extensions/IO80211Family.kext/Contents/PlugIns", label:"SourceVersion");
buf = exec(cmd:cmd);
if ( strlen(buf) && buf =~ "^[0-9]" && int(buf) < 2217601 ) { security_warning(0); exit(0); }