Mac OS X Security Update 2005-004

2005-04-20T00:00:00
ID MACOSX_SECUPD2005-004.NASL
Type nessus
Reporter Tenable
Modified 2018-07-14T00:00:00

Description

The remote host is missing Security Update 2005-004. This security update contains security fixes for the following application :

  • iSync (local privilege escalation)

                                        
                                            #TRUSTED aba4130937b22e6a492cb88ae1412f0f1745d2b367168e1e93348b9e9b0124775d9c32f918727a2419b6a7e0909f39ce3cb282a75bf8ab5393bd4e9821e9e01838b9e03368b591f2ee2f3a24ae047014e8b06ccf92400f9f650bd9387d1a111097e9cc78b06a4ce7343c3a51118c0787e75e95bafd95919523ee329186b5d221257557ccbc03951003d3fd8436c0ef6fa2f7a9e582120438b762aacd370215fd4d70c22f79bcbacadea58d0369735d06f5e86472c3b66e36105a6b201139b0dd506d615591ce6b58c8b00598a91fe46e3410b4cb90e7a3e124090ef73840719db2ee70fb1045c7b8eceb2b50d6354422faf70e60df2c1cef74d22eb81d81b5beb02002d05babdcc2d472dafb7c5160a4164773e232c595d23a36785a40e73037431620bb1b5745e1a0ba3dd7465dfcc02ec84d28b1d38e596f784149694ac3f63abc5fda3a36cf32c21878dc26cb7a44ce803b03bc90dab40f2d60d3c894e002a1a1c12b202708470af24f9f0aded2b08d1c95cc85dc293b91118563977e398c50aa320da4bf7b4e154767ae748eab3dc7223b42a3056cf3392aea6bbf428c4494039a21cdfd53179caf27cd000248907fdc18f760d21c2788f33a84f0fc4e25d06aeddf02bb2a23b3e50ce618356192344fba37c753633680155b7c55bfd8cb38ff7cefba8c561d9d55f558c6e75161ee72b588476c67cbb5dbaead773efafd
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
 script_id(18099);
 script_version("1.19");
 script_set_attribute(attribute:"plugin_modification_date", value: "2018/07/14");

 script_cve_id("CVE-2005-0193");
 script_bugtraq_id(12334);

 script_name(english:"Mac OS X Security Update 2005-004");
 script_summary(english:"Check for Security Update 2005-004");

 script_set_attribute(attribute:"synopsis", value:
"The remote operating system is missing a security update.");
 script_set_attribute(attribute:"description", value:
"The remote host is missing Security Update 2005-004.  This security
update contains security fixes for the following application :

- iSync (local privilege escalation)");
 script_set_attribute(attribute:"solution", value:"http://docs.info.apple.com/article.html?artnum=301326");
 script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");

 script_set_attribute(attribute:"vuln_publication_date", value:"2005/01/22");
 script_set_attribute(attribute:"patch_publication_date", value:"2005/04/12");
 script_set_attribute(attribute:"plugin_publication_date", value:"2005/04/20");

 script_set_attribute(attribute:"plugin_type", value:"local");
 script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
 script_end_attributes();

 script_category(ACT_GATHER_INFO);

 script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
 script_family(english:"MacOS X Local Security Checks");

 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/MacOSX/packages");
 exit(0);
}


include("misc_func.inc");
include("ssh_func.inc");
include("macosx_func.inc");


if(sshlib::get_support_level() >= sshlib::SSH_LIB_SUPPORTS_COMMANDS)
  enable_ssh_wrappers();
else disable_ssh_wrappers();

function exec(cmd)
{
 local_var buf, ret, soc;

 if ( islocalhost() )
  buf = pread(cmd:"/bin/bash", argv:make_list("bash", "-c", cmd));
 else
 {
  ret = ssh_open_connection();
  if ( ! ret ) exit(0);
  buf = ssh_cmd(cmd:cmd);
  ssh_close_connection();
 }

 if ( buf !~ "^[0-9]" ) exit(0);

 buf = chomp(buf);
 return buf;
}

packages = get_kb_item("Host/MacOSX/packages");
if ( ! packages ) exit(0);


uname = get_kb_item("Host/uname");
# MacOS X 10.2.8, 10.3.9 only
if ( egrep(pattern:"Darwin.* (6\.8\.|7\.[789]\.)", string:uname) )
{
 cmd = _GetBundleVersionCmd(file:"SymbianConduit.bundle", path:"/System/Library/SyncServices", label:"SourceVersion");
 buf = exec(cmd:cmd);
 if ( int(buf) > 0 && int(buf) < 840200 ) security_hole(0);
}