Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.MACOSX_SECUPD2005-008.NASL
HistorySep 23, 2005 - 12:00 a.m.

Mac OS X Multiple Vulnerabilities (Security Update 2005-008)

2005-09-2300:00:00
This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
www.tenable.com
13
JSON

The remote host is running Apple Mac OS X, but lacks Security Update 2005-008.

This security update contains fixes for the following applications :

  • ImageIO
  • LibSystem
  • Mail
  • QuickDraw
  • Ruby
  • SecurityAgent
  • securityd
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
 script_id(19773);
 script_version("1.19");
 script_cvs_date("Date: 2018/07/14  1:59:35");

  script_cve_id("CVE-2005-1992", "CVE-2005-2524", "CVE-2005-2741", "CVE-2005-2742", "CVE-2005-2743",
                "CVE-2005-2744", "CVE-2005-2745", "CVE-2005-2746", "CVE-2005-2747", "CVE-2005-2748");
 script_bugtraq_id(14914, 14939);

 script_name(english:"Mac OS X Multiple Vulnerabilities (Security Update 2005-008)");
 script_summary(english:"Check for Security Update 2005-008");

 script_set_attribute(attribute:"synopsis", value:"The remote operating system is missing a vendor-supplied patch.");
 script_set_attribute(attribute:"description", value:
"The remote host is running Apple Mac OS X, but lacks
Security Update 2005-008.

This security update contains fixes for the following
applications :

- ImageIO
- LibSystem
- Mail
- QuickDraw
- Ruby
- SecurityAgent
- securityd");
 # http://web.archive.org/web/20060419122213/http://docs.info.apple.com/article.html?artnum=302413
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b7db6d8b");
 script_set_attribute(attribute:"solution", value:
"Mac OS X 10.4 :
http://support.apple.com/downloads/Security_Update_2005_008__Mac_OS_X_10_4_2_

Mac OS X 10.3 :
http://support.apple.com/downloads/Security_Update_2005_008__Mac_OS_X_10_3_9_");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"false");

 script_set_attribute(attribute:"vuln_publication_date", value:"2005/06/22");
 script_set_attribute(attribute:"patch_publication_date", value:"2005/06/22");
 script_set_attribute(attribute:"plugin_publication_date", value:"2005/09/23");

 script_set_attribute(attribute:"plugin_type", value:"local");
 script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
 script_end_attributes();

 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
 script_family(english:"MacOS X Local Security Checks");

 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/MacOSX/packages");
 exit(0);
}


packages = get_kb_item("Host/MacOSX/packages");
if ( ! packages ) exit(0);


uname = get_kb_item("Host/uname");
if ( egrep(pattern:"Darwin.* (7\.[0-9]\.|8\.2\.)", string:uname) )
{
  if (!egrep(pattern:"^SecUpd(Srvr)?(2005-008|2006-00[123467]|2007-003)", string:packages)) security_hole(0);
}
VendorProductVersionCPE
applemac_os_xcpe:/o:apple:mac_os_x

Related

cert 3
cve 10
openvas 8
nessus 11
ubuntucve 1
ubuntu 1
debian 2
centos 1
redhat 1
gentoo 1
freebsd 1
cert
cert
Apple Mac OS X ImageIO fails to properly handle corrupt GIF files
2005-09-27 00:00:00
Apple Mac OS X QuickDraw Manager fails to properly handle corrupt PICT files
2005-09-27 00:00:00
Ruby library contains vulnerable default value
2005-10-03 00:00:00
cve
cve
CVE-2005-2747
2005-10-25 22:06:00
CVE-2005-2742
2005-10-26 00:02:00
CVE-2005-2746
2005-10-26 00:02:00
openvas
openvas
FreeBSD Ports: ruby, ruby_static
2008-09-04 00:00:00
Debian Security Advisory DSA 748-1 (ruby1.8)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200507-10 (ruby)
2008-09-24 00:00:00
nessus
nessus
RHEL 4 : ruby (RHSA-2005:543)
2005-08-07 00:00:00
Fedora Core 4 : ruby-1.8.2-7.fc4.2 (2005-475)
2005-06-28 00:00:00
FreeBSD : ruby -- arbitrary command execution on XMLRPC server (594eb447-e398-11d9-a8bd-000cf18bbe54)
2005-07-13 00:00:00
ubuntucve
ubuntucve
CVE-2005-1992
2005-06-20 00:00:00
ubuntu
ubuntu
Ruby vulnerability
2005-06-29 00:00:00
debian
debian
[SECURITY] [DSA 748-1] New ruby1.8 packages fix arbitrary command execution
2005-07-11 11:44:31
[SECURITY] [DSA 748-1] New ruby1.8 packages fix arbitrary command execution
2005-07-11 11:44:31
centos
centos
irb, ruby security update
2005-08-05 14:56:45
redhat
redhat
(RHSA-2005:543) ruby security update
2005-08-05 00:00:00
gentoo
gentoo
Ruby: Arbitrary command execution through XML-RPC
2005-07-11 00:00:00
freebsd
freebsd
ruby -- arbitrary command execution on XMLRPC server
2005-06-22 00:00:00
JSON
Related for MACOSX_SECUPD2005-008.NASL
cert3cve10openvas8nessus11ubuntucve1ubuntu1debian2centos1redhat1gentoo1freebsd1