Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.MACOSX_SECUPD2005-009.NASL
HistoryNov 30, 2005 - 12:00 a.m.

Mac OS X Multiple Vulnerabilities (Security Update 2005-009)

2005-11-3000:00:00
This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
www.tenable.com
14
JSON

The remote host is running Apple Mac OS X, but lacks Security Update 2005-009.

This security update contains fixes for the following applications :

  • Apache2
  • Apache_mod_ssl
  • CoreFoundation
  • curl
  • iodbcadmintool
  • OpenSSL
  • passwordserver
  • Safari
  • sudo
  • syslog
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(20249);
  script_version("1.20");
  script_cvs_date("Date: 2018/07/14  1:59:35");

  script_cve_id("CVE-2005-1993", "CVE-2005-2088", "CVE-2005-2272", "CVE-2005-2491", "CVE-2005-2700",
                "CVE-2005-2757", "CVE-2005-2969", "CVE-2005-3185", "CVE-2005-3700", "CVE-2005-3701",
                "CVE-2005-3702", "CVE-2005-3704", "CVE-2005-3705");
  script_bugtraq_id(13993, 14011, 14106, 14620, 14721, 15071, 15102, 16882, 16903, 16904, 16926, 29011);

  script_name(english:"Mac OS X Multiple Vulnerabilities (Security Update 2005-009)");
  script_summary(english:"Check for Security Update 2005-009");

  script_set_attribute(attribute:"synopsis", value:"The remote operating system is missing a vendor-supplied patch.");
  script_set_attribute(attribute:"description", value:
"The remote host is running Apple Mac OS X, but lacks
Security Update 2005-009.

This security update contains fixes for the following
applications :

- Apache2
- Apache_mod_ssl
- CoreFoundation
- curl
- iodbcadmintool
- OpenSSL
- passwordserver
- Safari
- sudo
- syslog");
  script_set_attribute(attribute:"see_also", value:"http://docs.info.apple.com/article.html?artnum=302847");
  script_set_attribute(attribute:"solution", value:
"Mac OS X 10.4 :
http://www.apple.com/support/downloads/securityupdate2005009tigerclient.html
http://www.apple.com/support/downloads/securityupdate2005009tigerserver.html

Mac OS X 10.3 :
http://www.apple.com/support/downloads/securityupdate2005009pantherclient.html
http://www.apple.com/support/downloads/securityupdate2005009pantherserver.html");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2005/06/06");
  script_set_attribute(attribute:"patch_publication_date", value:"2005/06/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2005/11/30");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
  script_family(english:"MacOS X Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/MacOSX/packages");
  exit(0);
}


packages = get_kb_item("Host/MacOSX/packages");
if ( ! packages ) exit(0);


uname = get_kb_item("Host/uname");
if ( egrep(pattern:"Darwin.* (7\.[0-9]\.|8\.[0-3]\.)", string:uname) )
{
  if (!egrep(pattern:"^SecUpd(Srvr)?(2005-009|2006-00[123467]|2007-003)", string:packages)) security_hole(0);
}
VendorProductVersionCPE
applemac_os_xcpe:/o:apple:mac_os_x

Related

openvas 58
nessus 54
gentoo 5
suse 3
osv 5
debian 16
cve 10
freebsd 3
ubuntu 3
f5 6
ubuntucve 4
debiancve 3
altlinux 6
jvn 1
centos 6
slackware 3
securityvulns 4
openssl 1
freebsd_advisory 1
httpd 2
redhat 4
cert 1
openvas
openvas
Gentoo Security Advisory GLSA 200509-12 (Apache)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200509-12 (Apache)
2008-09-24 00:00:00
SLES9: Security update for Apache2
2009-10-10 00:00:00
nessus
nessus
GLSA-200509-12 : Apache, mod_ssl: Multiple vulnerabilities
2005-10-05 00:00:00
Apache < 2.0.55 Multiple Vulnerabilities
2008-03-26 00:00:00
HP-UX PHSS_34163 : Apache-based Web Server on HP-UX mod_ssl, proxy_http, Remote Execution of Arbitrary Code, Denial of Service (DoS), and Unauthorized Access (HPSBUX02074 SSRT051251 rev.2)
2006-03-21 00:00:00
gentoo
gentoo
Apache, mod_ssl: Multiple vulnerabilities
2005-09-19 00:00:00
OpenSSL: SSL 2.0 protocol rollback
2005-10-12 00:00:00
libpcre: Heap integer overflow
2005-08-25 00:00:00
suse
suse
local command execution, authentication bypass, in apache2
2005-09-16 12:34:21
local command execution, authentication bypass, in apache2
2005-09-12 13:00:50
protocol downgrade attack in openssl
2005-10-19 12:57:35
osv
osv
apache2 - several
2005-09-08 00:00:00
openssl094 - cryptographic weakness
2005-10-27 00:00:00
python2.2 - integer overflow
2005-09-22 00:00:00
debian
debian
[SECURITY] [DSA 805-1] New Apache2 packages fix several vulnerabilities
2005-09-08 18:07:44
[SECURITY] [DSA 805-1] New Apache2 packages fix several vulnerabilities
2005-09-08 18:07:44
[SECURITY] [DSA 888-1] New OpenSSL packages fix cryptographic weakness
2005-11-07 19:06:00
cve
cve
CVE-2005-2272
2005-07-13 04:00:00
CVE-2005-2969
2005-10-18 21:02:00
CVE-2005-3700
2005-12-01 02:07:00
freebsd
freebsd
openssl -- potential SSL 2.0 rollback
2005-10-11 00:00:00
apache -- http request smuggling
2005-07-25 00:00:00
pcre -- regular expression buffer overflow
2005-08-01 00:00:00
ubuntu
ubuntu
SSL library vulnerability
2005-10-14 00:00:00
PCRE vulnerability
2005-08-25 00:00:00
PCRE vulnerability
2005-08-24 00:00:00
f5
f5
SOL5533 - Potential protocol version rollback vulnerability in OpenSSL - CVE-2005-2969
2007-05-16 00:00:00
K5533 : Potential protocol version rollback vulnerability in OpenSSL - CVE-2005-2969
2013-03-28 00:00:00
K5278 : Apache mod_ssl SSLVerifyClient bypass - CAN-2005-2700
2013-03-28 00:00:00
ubuntucve
ubuntucve
CVE-2005-2969
2005-10-18 00:00:00
CVE-2005-2700
2005-09-06 00:00:00
CVE-2005-1993
2005-06-20 00:00:00
debiancve
debiancve
CVE-2005-2969
2005-10-18 21:02:00
CVE-2005-2700
2005-09-06 23:03:00
CVE-2005-1993
2005-06-20 04:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl10 version 0.9.7g-alt3
2005-10-11 00:00:00
Security fix for the ALT Linux 8 package sudo version 1:1.6.7p5-alt5
2005-06-21 00:00:00
Security fix for the ALT Linux 8 package openssl10 version 0.9.7g-alt3
2005-10-11 00:00:00
jvn
jvn
JVN#23632449: OpenSSL version rollback vulnerability
2005-10-11 00:00:00
centos
centos
sudo security update
2005-06-29 23:22:57
sudo security update
2005-06-29 16:58:32
mod_ssl security update
2005-09-16 00:34:35
slackware
slackware
OpenSSL
2005-10-13 18:06:49
PCRE library
2005-08-30 15:53:53
mod_ssl
2005-09-08 15:54:45
securityvulns
securityvulns
[Full-disclosure] OpenSSL SSL 2.0 Rollback &#40;CAN-2005-2969&#41;
2005-10-11 00:00:00
MDKSA-2005:153 - Updated gnumeric packages fix integer overflow vulnerability
2005-08-28 00:00:00
MDKSA-2005:154 - Updated python packages fix integer overflow vulnerability
2005-08-28 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2005-2969
2005-10-11 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-05:21.openssl
2005-10-11 00:00:00
httpd
httpd
Apache Httpd < 2.0.55 : SSLVerifyClient bypass
2005-08-30 00:00:00
Apache Httpd < 2.0.55 : PCRE overflow
2005-10-14 00:00:00
redhat
redhat
(RHSA-2005:773) mod_ssl security update
2005-09-15 00:00:00
(RHSA-2005:535) sudo security update
2005-06-29 00:00:00
(RHSA-2006:0197) python security update
2006-03-09 00:00:00
cert
cert
mod_ssl fails to properly enforce client certificates authentication
2005-09-09 00:00:00
JSON
Related for MACOSX_SECUPD2005-009.NASL
openvas58nessus54gentoo5suse3osv5debian16cve10freebsd3ubuntu3f56ubuntucve4debiancve3altlinux6jvn1centos6slackware3securityvulns4openssl1freebsd_advisory1httpd2redhat4cert1