Mac OS X : GarageBand < 5.1

2009-08-04T00:00:00
ID MACOSX_GARAGEBAND_5_1.NASL
Type nessus
Reporter Tenable
Modified 2018-07-14T00:00:00

Description

The remote Mac OS X 10.5 host is running a version of GarageBand older than 5.1. When such a version is opened, Safari's cookie preference is changed from the default setting, which accepts cookies only from the sites being visited, to always accepting cookies. This change may allow third parties, in particular advertisers, to track a user's browsing activity.

                                        
                                            #TRUSTED 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
#
# (C) Tenable Network Security, Inc.
#


# Leave quietly (exit code 0, no message) when the scan engine does not
# define the bn_random() built-in.
# NOTE(review): bn_random() is not called anywhere else in this script, so
# this is presumably an engine-capability gate rather than a functional
# requirement of the check -- confirm.
if (!defined_func("bn_random"))
{
  exit(0);
}


include("compat.inc");


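# Plugin registration. When 'description' is set, the script only records
# its metadata (IDs, references, text, scoring, dependencies) and then
# exits; none of the host checks further down are run in this mode.
if (description)
{
  script_id(40480);
  script_version("1.13");
  script_set_attribute(attribute:"plugin_modification_date", value:"2018/07/14");

  script_cve_id("CVE-2009-2198");
  script_bugtraq_id(35926);

  script_name(english:"Mac OS X : GarageBand < 5.1");
  script_summary(english:"Checks the version of GarageBand");

  script_set_attribute(
    attribute:"synopsis",
    value:
"The remote host has a version of GarageBand that is affected by an
information disclosure vulnerability."
  );
  # Wording fix: the affected versions switch Safari to always *accept*
  # cookies (the original text read "except").
  script_set_attribute(
    attribute:"description",
    value:
"The remote Mac OS X 10.5 host is running a version of GarageBand
older than 5.1.  When such versions are opened, Safari's preferences
are changed from the default setting to accept cookies only for the
sites being visited to always accept cookies.  This change may allow
third-parties, in particular advertisers, to track a user's browsing
activity."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.apple.com/kb/HT3732"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://lists.apple.com/archives/security-announce/2009/Aug/msg00000.html"
  );
  # The solution has two parts: upgrading GarageBand, and reviewing Safari's
  # cookie preference afterwards. This plugin only checks the GarageBand
  # version, so the second part has to be verified on the host itself.
  script_set_attribute(
    attribute:"solution",
    value:
"Upgrade to GarageBand 5.1 or later and check that Safari's preferences
are set as desired."
  );
  # Scoring: confidentiality impact only (C:P in CVSS2, C:L in CVSS3), with
  # no integrity or availability impact.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  # CWE-264 is the broad "Permissions, Privileges, and Access Controls"
  # category.
  script_cwe_id(264);
  script_set_attribute(attribute:"vuln_publication_date", value:"2009/08/03");
  script_set_attribute(attribute:"patch_publication_date", value:"2009/08/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/08/04");
  # "local": the finding is derived from data collected on the host (KB
  # items and a command run locally or over SSH), not from network probing.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # Declares ssh_get_info.nasl as a dependency and requires the
  # 'Host/MacOSX/packages' KB key.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/MacOSX/packages");

  exit(0);
}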

include("global_settings.inc");
include("misc_func.inc");
include("ssh_func.inc");
include("macosx_func.inc");



# Turn the SSH wrapper functions on only when the SSH library reports a
# support level that includes running commands; otherwise turn them off.
if (sshlib::get_support_level() < sshlib::SSH_LIB_SUPPORTS_COMMANDS)
{
  disable_ssh_wrappers();
}
else
{
  enable_ssh_wrappers();
}

# Both KB items must be present. A missing item ends the script with exit
# code 1 and a message naming the item.
packages = get_kb_item("Host/MacOSX/packages");
if (!packages)
{
  exit(1, "KB item 'Host/MacOSX/packages' not found.");
}

uname = get_kb_item("Host/uname");
if (!uname)
{
  exit(1, "KB item 'Host/uname' not found.");
}

# Version check, Mac OS X 10.5 only: the pattern matches a uname string that
# reports a Darwin 9.x kernel. Hosts that do not match skip this whole block
# and the script ends without a report and without an exit message.
#
# Scope of the finding: only the GarageBand bundle version is examined.
# Safari's cookie preference is never read, so a reported host may or may not
# currently have the "always accept" setting, and a host that has since been
# upgraded is reported clean even if the preference was changed earlier.
if (egrep(pattern:"Darwin.* 9\.", string:uname))
{
  # Command that yields the bundle version of GarageBand.app. Only the
  # /Applications path is passed, and all arguments are constants.
  # NOTE(review): GetBundleVersionCmd() is not defined in this file
  # (presumably macosx_func.inc); its exact output format is assumed, confirm.
  cmd = GetBundleVersionCmd(file:"GarageBand.app", path:"/Applications", long:FALSE);

  # When scanning the local host, run the command through bash directly;
  # otherwise run it over an SSH session that is opened and closed here.
  if (islocalhost()) 
    version = pread(cmd:"/bin/bash", argv:make_list("bash", "-c", cmd));
  else
  {
    ret = ssh_open_connection();
    if (!ret) exit(1, "Can't open an SSH connection.");
    version = ssh_cmd(cmd:cmd);
    ssh_close_connection();
  }
  # Empty output is an error (exit code 1), not a "not affected" result.
  if (!strlen(version)) exit(1, "Failed to get the version of GarageBand.");
  version = chomp(version);

  # Split "major.minor..." into its components.
  ver = split(version, sep:'.', keep:FALSE);
  # Guard against false positives when shell error text ends up in the
  # output: the first component converts to 0 without being the string "0",
  # so it is treated as a failed read instead of being compared as version 0.
  if(int(ver[0]) == 0 && ver[0] != "0") exit(1, "Failed to get the version of GarageBand.");
  # Convert every component to an integer for the numeric comparison below.
  for (i=0; i<max_index(ver); i++)
    ver[i] = int(ver[i]);

  # Fixed in version 5.1: report any major version below 5, and 5.0.x.
  if (
    ver[0] < 5 ||
    (ver[0] == 5 && ver[1] < 1)
  )
  {
    # Include the installed and fixed versions in the report unless the
    # report verbosity setting is missing or set to 'Quiet'.
    gs_opt = get_kb_item("global_settings/report_verbosity");
    if (gs_opt && gs_opt != 'Quiet')
    {
      report = 
        '\n  Installed version : ' + version + 
        '\n  Fixed version     : 5.1\n';
      security_warning(port:0, extra:report);
    }
    else security_warning(0);
  }
  # 5.1 or later: exit code 0 with a message recording the installed version.
  else exit(0, "The remote host is not affected since GarageBand "+version+" is installed.");
}