Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2006-2018 Tenable Network Security, Inc.MACOSX_SECUPD2006-006.NASL
HistorySep 29, 2006 - 12:00 a.m.

Mac OS X Multiple Vulnerabilities (Security Update 2006-006)

2006-09-2900:00:00
This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
www.tenable.com
14
JSON

The remote host is running a version of Mac OS X 10.3 which does not have the security update 2006-006 applied.

Security Update 2006-006 contains several security fixes for the following programs :

  • CFNetwork
  • Flash Player
  • QuickDraw Manager
  • SASL
  • WebCore
#
# (C) Tenable Network Security, Inc.
#

if ( ! defined_func("bn_random") ) exit(0);


include("compat.inc");

if(description)
{
 script_id(22479);
 script_version ("1.18");
 script_cvs_date("Date: 2018/07/14  1:59:35");

 script_cve_id("CVE-2006-1721", "CVE-2006-3311", "CVE-2006-3587", "CVE-2006-3588", "CVE-2006-3946",
               "CVE-2006-4387", "CVE-2006-4390", "CVE-2006-4391", "CVE-2006-4392", "CVE-2006-4393",
               "CVE-2006-4394", "CVE-2006-4395", "CVE-2006-4397", "CVE-2006-4399", "CVE-2006-4640");
 script_bugtraq_id(20271);

 script_name(english:"Mac OS X Multiple Vulnerabilities (Security Update 2006-006)");
 
 script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a Mac OS X update which fixes a security
issue." );
 script_set_attribute(attribute:"description", value:
"The remote host is running a version of Mac OS X 10.3 which does not have
the security update 2006-006 applied.

Security Update 2006-006 contains several security fixes for the following 
programs :

 - CFNetwork
 - Flash Player
 - QuickDraw Manager
 - SASL
 - WebCore" );
 script_set_attribute(attribute:"solution", value:
"Upgrade to Mac OS X 10.4.8 :
http://www.apple.com/support/downloads/macosx1048updateintel.html
http://www.apple.com/support/downloads/macosx1048updateppc.html" );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");
 script_set_attribute(attribute:"exploit_framework_core", value:"true");
 script_cwe_id(264);
 script_set_attribute(attribute:"see_also", value:"http://docs.info.apple.com/article.html?artnum=304460" );

 script_set_attribute(attribute:"plugin_publication_date", value: "2006/09/29");
 script_set_attribute(attribute:"vuln_publication_date", value: "2006/07/31");
 script_set_attribute(attribute:"patch_publication_date", value: "2006/09/29");
 script_set_attribute(attribute:"plugin_type", value:"local");
 script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
 script_end_attributes();

 script_summary(english:"Check for the version of Mac OS X");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");
 script_family(english:"MacOS X Local Security Checks");
 script_dependencies("ssh_get_info.nasl","mdns.nasl", "ntp_open.nasl");
 script_require_keys("Host/MacOSX/packages");
 exit(0);
}

packages = get_kb_item("Host/MacOSX/packages");
if ( ! packages ) exit(0);


uname = get_kb_item("Host/uname");
if ( egrep(pattern:"Darwin.* 7\.[0-9]\.", string:uname) )
{
  if (!egrep(pattern:"^SecUpd(Srvr)?(2006-00[67]|2007-003)", string:packages)) security_hole(0);
}
VendorProductVersionCPE
applemac_os_xcpe:/o:apple:mac_os_x

References

Related

nessus 22
openvas 10
freebsd 2
redhat 3
suse 2
securityvulns 3
gentoo 2
ubuntucve 5
cve 15
cert 8
seebug 2
exploitpack 1
oraclelinux 2
centos 2
debian 2
ubuntu 1
prion 1
debiancve 1
exploitdb 1
vmware 2
nessus
nessus
Mac OS X 10.4.x < 10.4.8 Multiple Vulnerabilities
2006-09-29 00:00:00
SUSE-SA:2006:053: flash-player
2007-02-18 00:00:00
openSUSE 10 Security Update : flash-player (flash-player-2072)
2007-10-17 00:00:00
openvas
openvas
FreeBSD Ports: linux-flashplugin
2008-09-04 00:00:00
FreeBSD Ports: linux-flashplugin
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200610-02 (Flash)
2008-09-24 00:00:00
freebsd
freebsd
linux-flashplugin7 -- arbitrary code execution vulnerabilities
2006-09-12 00:00:00
cyrus-sasl -- DIGEST-MD5 Pre-Authentication Denial of Service
2006-04-11 00:00:00
redhat
redhat
(RHSA-2006:0674) flash-plugin security update
2006-09-12 00:00:00
(RHSA-2007:0878) Moderate: cyrus-sasl security update
2007-09-04 00:00:00
(RHSA-2007:0795) Moderate: cyrus-sasl security and bug fix update
2007-09-04 00:00:00
suse
suse
local code execution in flash-player
2006-09-21 14:03:28
remote denial of service in cyrus-sasl-digestmd5
2006-05-05 14:16:08
securityvulns
securityvulns
Microsoft Security Bulletin MS06-069 Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution &#40;923789&#41;
2006-11-14 00:00:00
Computer Terrorism &#40;UK&#41; :: Incident Response Centre - Adobe/Macromedia Flash Player Vulnerability
2006-09-13 00:00:00
VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues
2008-06-05 00:00:00
gentoo
gentoo
Adobe Flash Player: Arbitrary code execution
2006-10-04 00:00:00
Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of service
2006-04-21 00:00:00
ubuntucve
ubuntucve
CVE-2006-3588
2006-07-13 00:00:00
CVE-2006-4640
2006-09-12 00:00:00
CVE-2006-3311
2006-09-12 00:00:00
cve
cve
CVE-2006-3588
2006-07-13 21:05:00
CVE-2006-4390
2006-10-03 04:02:00
CVE-2006-4393
2006-10-03 04:02:00
cert
cert
Apple Mac OS X may allow network accounts to bypass service access controls
2006-10-02 00:00:00
Apple kernel exception handling vulnerability
2006-10-02 00:00:00
Adobe Flash Player allowScriptAccess protection bypass vulnerability
2006-09-20 00:00:00
seebug
seebug
Mac OS X &lt;= 10.4.7 Mach Exception Handling Local Exploit (10.3.x 0day)
2006-09-30 00:00:00
Mac OS X <= 10.4.7 - Mach Exception Handling Local Exploit (10.3.x 0day)
2014-07-01 00:00:00
exploitpack
exploitpack
Apple Mac OSX 10.4.7 - Mach Exception Handling Local (10.3.x)
2006-09-30 00:00:00
oraclelinux
oraclelinux
Moderate: cyrus-sasl security update
2007-09-04 00:00:00
Moderate: cyrus-sasl security and bug fix update
2007-09-04 00:00:00
centos
centos
cyrus security update
2007-09-04 21:52:33
cyrus security update
2007-09-04 21:31:32
debian
debian
[SECURITY] [DSA 1042-1] New Cyrus SASL packages fix denial of service
2006-04-25 17:35:50
[SECURITY] [DSA 1042-1] New Cyrus SASL packages fix denial of service
2006-04-25 17:35:50
ubuntu
ubuntu
cyrus-sasl2 vulnerability
2006-04-24 00:00:00
prion
prion
Design/Logic Flaw
2006-04-11 23:02:00
debiancve
debiancve
CVE-2006-1721
2006-04-11 23:02:00
exploitdb
exploitdb
Apple Mac OSX 10.4.7 - Mach Exception Handling Local (10.3.x)
2006-09-30 00:00:00
vmware
vmware
Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues
2008-06-04 00:00:00
Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues
2008-06-04 00:00:00
JSON
Related for MACOSX_SECUPD2006-006.NASL
nessus22openvas10freebsd2redhat3suse2securityvulns3gentoo2ubuntucve5cve15cert8seebug2exploitpack1oraclelinux2centos2debian2ubuntu1prion1debiancve1exploitdb1vmware2