Lucene search
This script is Copyright (C) 2005-2024 Tenable Network Security, Inc.MACOSX_SECUPD2005-004.NASLHistoryApr 20, 2005 - 12:00 a.m.
Mac OS X Security Update 2005-004
2005-04-2000:00:00
This script is Copyright (C) 2005-2024 Tenable Network Security, Inc.
www.tenable.com
11
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
0.4%
The remote host is missing Security Update 2005-004. This security update contains security fixes for the following application :
- iSync (local privilege escalation)
#TRUSTED 25d0c02d238800da043f23d7237a8c7b588a92d579854b9bdfd3a7dec297b23d3d5f15d0ef47a2abe4f874116dae3cc580869b9324b9836bc682c6066e6902bc5edb13f931ed9623a1aac0ee3202c4ae366f56c986ccbac130c7134734a3e72db3c2ca659925491ba1081f886f44f8886251e6b9e8aa295759cb5d4b6880413642f90f222cbd8238b439623a250bf04dca355eb28d624b658bf96f2a8df984fb1f3bfdb86c29aa65a98ac193f076a508d368fbf93755c8738ca5619602c022400fa680a511d27a6ea2dd46cd4d66328f170baae4665f20b11aecaf0ff0307067b81a8316ba984cfdb1bf7acd12f4a421f4d8be28b426941e1dbbea638876987de89acef58b83b49ef6be3a966394e93ee9f4b834898bead5f854fbf939dc327a89a4a250ad27aeb887fe8f6cbbfa9d5cdb75132c3ed2ee9b8c7fd6a15e05deb994caa170a2c6f41481a672662b9de20de23303c66cdc4cda44dcc58375384bb8d3dceec25bdd3624b79d1f34b3a4b5e45e21ab588101993548ade50bce2b47c2b216f636ea97d934e374c9f216d94650ff42272f589dc48178a3b9c9c7cf21397975ffcae842461420cdbcdcb511df492c19dc12439f1834d5f35979cea0a6947f12f5d0f45e1974418096a2f433efcbebe2455c64531f0af092e7d242305e00388a9cdeef6e7ad19cfd12a27cecbb0ba235d744123f044425e787fb6ee5e9aa
#TRUST-RSA-SHA256 3ac3573f26c469b34a69b444276c756d0b6c7cea5d514969e2a168c32541d880008ecda39322d5030394109fc73c32f51093e5d311ce74ae7068b27703bbfd383a34a954c0c599d7a2f28f8c3d826ea0b72b457b6da11e220b27af29f2172c01b7f6f537346cca643a1b3498f03ea351e68303bb75c9499cba9cdda811f0ce07c442895d00dfd6d48a61568ddd5db7c852227313d5f4bf498bd50bf16df312c31047c3f26123d16cc60a1ef9fcda0243ed7176b475286332a4b2bf7d043f88216a1e19dbe999be630a6f3414884c6b3daff9041d93a853fc1b3de971ac25a24bc1d5cfcf4c4a0d6ceb955e8623761eabab5b3ee705cda89c08b8117ceddff12ac5bc0c1b90c6925a8e74da79e2b390efe8837076da03fa7c1373124bfcaa49a0125772e5168071557a4f98e7d6d4a4d82c63c229ffb0be12475c5ecdcca1c2466971ca8fe85ce028abf8a192faa6462002f0c6629bec0000d92d4a77a88bce3985b1d7bada47cf4d420caa2123eae250d0dd9222c58311d10acc9e9efcfef98189f090ccb480738196e6411584b51289905a296cc6bc923108c64d764d699c1dabf14c88378403f31819331f59c31403eebe8f62a55d2f148e397a4db5d246f088c6439595a8a0c35091a5f93b8e96e5a759c34c07849ad6364b7375f6f63e9598810946c3ecf267aad1c4ce227353bddb988e5bfd658d5a36b54a9984843df7
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(18099);
script_version("1.24");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/05/28");
script_cve_id("CVE-2005-0193");
script_bugtraq_id(12334);
script_name(english:"Mac OS X Security Update 2005-004");
script_summary(english:"Check for Security Update 2005-004");
script_set_attribute(attribute:"synopsis", value:
"The remote operating system is missing a security update.");
script_set_attribute(attribute:"description", value:
"The remote host is missing Security Update 2005-004. This security
update contains security fixes for the following application :
- iSync (local privilege escalation)");
script_set_attribute(attribute:"solution", value:"http://docs.info.apple.com/article.html?artnum=301326");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2005-0193");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2005/01/22");
script_set_attribute(attribute:"patch_publication_date", value:"2005/04/12");
script_set_attribute(attribute:"plugin_publication_date", value:"2005/04/20");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x:10.2");
script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x:10.3");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2005-2024 Tenable Network Security, Inc.");
script_family(english:"MacOS X Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/MacOSX/packages");
exit(0);
}
include("misc_func.inc");
include("ssh_func.inc");
include("macosx_func.inc");
enable_ssh_wrappers();
function exec(cmd)
{
local_var buf, ret, soc;
if ( islocalhost() )
buf = pread_wrapper(cmd:"/bin/bash", argv:make_list("bash", "-c", cmd));
else
{
ret = ssh_open_connection();
if ( ! ret ) exit(0);
buf = ssh_cmd(cmd:cmd);
ssh_close_connection();
}
if ( buf !~ "^[0-9]" ) exit(0);
buf = chomp(buf);
return buf;
}
packages = get_kb_item("Host/MacOSX/packages");
if ( ! packages ) exit(0);
uname = get_kb_item("Host/uname");
# MacOS X 10.2.8, 10.3.9 only
if ( egrep(pattern:"Darwin.* (6\.8\.|7\.[789]\.)", string:uname) )
{
cmd = _GetBundleVersionCmd(file:"SymbianConduit.bundle", path:"/System/Library/SyncServices", label:"SourceVersion");
buf = exec(cmd:cmd);
if ( int(buf) > 0 && int(buf) < 840200 ) security_hole(0);
}
Related
nvd
nvd
CVE-2005-0193
2005-01-22 05:00:00
cve
cve
CVE-2005-0193
2005-02-06 05:00:00
cvelist
cvelist
CVE-2005-0193
2005-02-06 05:00:00
nessus
nessus
Mac OS X Multiple Vulnerabilities (Security Update 2005-005)
2005-05-03 00:00:00
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
0.4%
Related for MACOSX_SECUPD2005-004.NASL