This script is Copyright (C) 2012-2022 Tenable Network Security, Inc.MACOSX_SECUPD2012-001.NASLMac OS X Multiple Vulnerabilities (Security Update 2012-001) (BEAST)
The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2012-001 applied. This update contains multiple security-related fixes for the following components :
- Apache
- ATS
- ColorSync
- CoreAudio
- CoreMedia
- CoreText
- curl
- Data Security
- dovecot
- filecmds
- libresolv
- libsecurity
- OpenGL
- PHP
- QuickTime
- SquirrelMail
- Subversion
- Tomcat
- X11
#
# (C) Tenable Network Security, Inc.
#
include('compat.inc');
if (description)
{
script_id(57798);
script_version("1.26");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/12/05");
script_cve_id(
"CVE-2010-1637",
"CVE-2010-2813",
"CVE-2010-4554",
"CVE-2010-4555",
"CVE-2011-0200",
"CVE-2011-1148",
"CVE-2011-1657",
"CVE-2011-1752",
"CVE-2011-1783",
"CVE-2011-1921",
"CVE-2011-1938",
"CVE-2011-2023",
"CVE-2011-2192",
"CVE-2011-2202",
"CVE-2011-2204",
"CVE-2011-2483",
"CVE-2011-2895",
"CVE-2011-3182",
"CVE-2011-3189",
"CVE-2011-3248",
"CVE-2011-3249",
"CVE-2011-3250",
"CVE-2011-3252",
"CVE-2011-3267",
"CVE-2011-3268",
"CVE-2011-3348",
"CVE-2011-3389",
"CVE-2011-3422",
"CVE-2011-3446",
"CVE-2011-3448",
"CVE-2011-3449",
"CVE-2011-3453",
"CVE-2011-3457",
"CVE-2011-3458",
"CVE-2011-3459",
"CVE-2011-3460"
);
script_bugtraq_id(
40291,
42399,
46843,
47950,
48091,
48259,
48416,
48434,
48456,
48648,
49124,
49241,
49249,
49252,
49376,
49429,
49616,
49778,
50065,
50400,
50401,
50404,
51807,
51808,
51809,
51811,
51812,
51814,
51817,
51832
);
script_xref(name:"APPLE-SA", value:"APPLE-SA-2012-02-03-1");
script_xref(name:"CERT", value:"403593");
script_xref(name:"CERT", value:"410281");
script_xref(name:"CEA-ID", value:"CEA-2019-0547");
script_name(english:"Mac OS X Multiple Vulnerabilities (Security Update 2012-001) (BEAST)");
script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a Mac OS X update that fixes multiple
security vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The remote host is running a version of Mac OS X 10.6 that does not
have Security Update 2012-001 applied. This update contains multiple
security-related fixes for the following components :
- Apache
- ATS
- ColorSync
- CoreAudio
- CoreMedia
- CoreText
- curl
- Data Security
- dovecot
- filecmds
- libresolv
- libsecurity
- OpenGL
- PHP
- QuickTime
- SquirrelMail
- Subversion
- Tomcat
- X11");
script_set_attribute(attribute:"see_also", value:"http://www.zerodayinitiative.com/advisories/ZDI-12-058/");
script_set_attribute(attribute:"see_also", value:"http://www.zerodayinitiative.com/advisories/ZDI-12-103/");
script_set_attribute(attribute:"see_also", value:"http://www.zerodayinitiative.com/advisories/ZDI-12-130/");
script_set_attribute(attribute:"see_also", value:"http://seclists.org/fulldisclosure/2012/Aug/59");
script_set_attribute(attribute:"see_also", value:"http://support.apple.com/kb/HT5130");
script_set_attribute(attribute:"see_also", value:"http://lists.apple.com/archives/security-announce/2012/Feb/msg00001.html");
script_set_attribute(attribute:"see_also", value:"http://lists.apple.com/archives/security-announce/2012/Feb/msg00002.html");
script_set_attribute(attribute:"see_also", value:"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html");
script_set_attribute(attribute:"see_also", value:"https://www.openssl.org/~bodo/tls-cbc.txt");
script_set_attribute(attribute:"solution", value:
"Install Security Update 2012-001 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"in_the_news", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2010/06/21");
script_set_attribute(attribute:"patch_publication_date", value:"2012/02/01");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/02/02");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"MacOS X Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2012-2022 Tenable Network Security, Inc.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/MacOSX/Version", "Host/MacOSX/packages/boms");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
os = get_kb_item("Host/MacOSX/Version");
if (!os) audit(AUDIT_OS_NOT, "Mac OS X");
if (!ereg(pattern:"Mac OS X 10\.6([^0-9]|$)", string:os)) audit(AUDIT_OS_NOT, "Mac OS X 10.6");
packages = get_kb_item_or_exit("Host/MacOSX/packages/boms", exit_code:1);
if (
egrep(pattern:"^com\.apple\.pkg\.update\.security\.(2012\.00[1-9]|201[3-9]\.[0-9]+)(\.snowleopard[0-9.]*)?\.bom", string:packages) ||
egrep(pattern:"^com\.apple\.pkg\.update\.security\.2012\.001(\.snowleopard)?\.1\.1\.bom", string:packages)
) exit(0, "The host has Security Update 2012-001 or later installed and therefore is not affected.");
else
{
if (report_verbosity > 0)
{
security_boms = egrep(pattern:"^com\.apple\.pkg\.update\.security", string:packages);
report = '\n Installed security updates : ';
if (security_boms) report += str_replace(find:'\n', replace:'\n ', string:security_boms);
else report += 'n/a';
report += '\n';
security_hole(port:0, extra:report);
}
else security_hole(0);
}
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1637
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2813
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4554
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4555
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0200
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1148
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1657
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1752
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1783
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1921
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1938
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2023
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2202
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2204
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2483
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2895
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3182
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3189
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3248
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3249
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3250
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3252
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3267
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3268
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3348
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3422
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3446
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3448
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3449
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3453
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3457
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3458
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3459
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3460
lists.apple.com/archives/security-announce/2012/Feb/msg00001.html
lists.apple.com/archives/security-announce/2012/Feb/msg00002.html
seclists.org/fulldisclosure/2012/Aug/59
support.apple.com/kb/HT5130
www.zerodayinitiative.com/advisories/ZDI-12-058/
www.zerodayinitiative.com/advisories/ZDI-12-103/
www.zerodayinitiative.com/advisories/ZDI-12-130/
www.imperialviolet.org/2011/09/23/chromeandbeast.html
www.openssl.org/~bodo/tls-cbc.txt
Related
