Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2022 Tenable Network Security, Inc.MACOSX_SECUPD2013-004.NASL
HistorySep 13, 2013 - 12:00 a.m.

Mac OS X Multiple Vulnerabilities (Security Update 2013-004)

2013-09-1300:00:00
This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.
www.tenable.com
49
JSON

The remote host is running a version of Mac OS X 10.6 or 10.7 that does not have Security Update 2013-004 applied. This update contains several security-related fixes for the following component :

  • Apache
  • Bind
  • Certificate Trust Policy
  • ClamAV
  • Installer
  • IPSec
  • Mobile Device Management
  • OpenSSL
  • PHP
  • PostgreSQL
  • QuickTime
  • sudo

Note that successful exploitation of the most serious issues could result in arbitrary code execution.

#
# (C) Tenable Network Security, Inc.
#

include('compat.inc');

if (description)
{
  script_id(69878);
  script_version("1.19");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/12/05");

  script_cve_id(
    "CVE-2012-0883",
    "CVE-2012-2686",
    "CVE-2012-2687",
    "CVE-2012-3499",
    "CVE-2012-3817",
    "CVE-2012-4244",
    "CVE-2012-4558",
    "CVE-2012-5166",
    "CVE-2012-5688",
    "CVE-2013-0166",
    "CVE-2013-0169",
    "CVE-2013-1027",
    "CVE-2013-1028",
    "CVE-2013-1030",
    "CVE-2013-1032",
    "CVE-2013-1635",
    "CVE-2013-1643",
    "CVE-2013-1775",
    "CVE-2013-1824",
    "CVE-2013-1899",
    "CVE-2013-1900",
    "CVE-2013-1901",
    "CVE-2013-1902",
    "CVE-2013-1903",
    "CVE-2013-2020",
    "CVE-2013-2021",
    "CVE-2013-2110",
    "CVE-2013-2266"
  );
  script_bugtraq_id(
    53046,
    54658,
    55131,
    55522,
    55852,
    56817,
    57755,
    57778,
    58165,
    58203,
    58224,
    58736,
    58766,
    58876,
    58877,
    58878,
    58879,
    58882,
    59434,
    60118,
    60268,
    60411,
    62370,
    62371,
    62373,
    62375,
    62377
  );
  script_xref(name:"APPLE-SA", value:"APPLE-SA-2013-09-12-1");
  script_xref(name:"CEA-ID", value:"CEA-2019-0547");

  script_name(english:"Mac OS X Multiple Vulnerabilities (Security Update 2013-004)");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a Mac OS X update that fixes several
security issues.");
  script_set_attribute(attribute:"description", value:
"The remote host is running a version of Mac OS X 10.6 or 10.7 that
does not have Security Update 2013-004 applied.  This update contains
several security-related fixes for the following component :

  - Apache
  - Bind
  - Certificate Trust Policy
  - ClamAV
  - Installer
  - IPSec
  - Mobile Device Management
  - OpenSSL
  - PHP
  - PostgreSQL
  - QuickTime
  - sudo

Note that successful exploitation of the most serious issues could
result in arbitrary code execution.");
  script_set_attribute(attribute:"see_also", value:"http://support.apple.com/kb/HT5880");
  script_set_attribute(attribute:"see_also", value:"http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html");
  script_set_attribute(attribute:"see_also", value:"http://www.securityfocus.com/archive/1/528594/30/0/threaded");
  script_set_attribute(attribute:"solution", value:
"Install Security Update 2013-004 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Mac OS X Sudo Password Bypass');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:"CANVAS");
  script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/04/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/09/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/13");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MacOSX/Version", "Host/MacOSX/packages/boms");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

os = get_kb_item("Host/MacOSX/Version");
if (!os) audit(AUDIT_OS_NOT, "Mac OS X");
if (!ereg(pattern:"Mac OS X 10\.[67]([^0-9]|$)", string:os)) audit(AUDIT_OS_NOT, "Mac OS X 10.6 / 10.7");
else if ("Mac OS X 10.6" >< os && !ereg(pattern:"Mac OS X 10\.6($|\.[0-8]([^0-9]|$))", string:os)) exit(0, "The remote host uses a version of Mac OS X Snow Leopard later than 10.6.8.");
else if ("Mac OS X 10.7" >< os && !ereg(pattern:"Mac OS X 10\.7($|\.[0-5]([^0-9]|$))", string:os)) exit(0, "The remote host uses a version of Mac OS X Lion later than 10.7.5.");


packages = get_kb_item_or_exit("Host/MacOSX/packages/boms", exit_code:1);
if (
  egrep(pattern:"^com\.apple\.pkg\.update\.security(\.10\.[6-8]\..+)?\.(2013\.00[4-9]|201[4-9]\.[0-9]+)(\.(snowleopard[0-9.]*|lion))?\.bom", string:packages)
) exit(0, "The host has Security Update 2013-004 or later installed and is therefore not affected.");
else
{
  set_kb_item(name:"www/0/XSS", value:TRUE);

  if (report_verbosity > 0)
  {
    security_boms = egrep(pattern:"^com\.apple\.pkg\.update\.security", string:packages);

    report = '\n  Installed security BOMs : ';
    if (security_boms) report += str_replace(find:'\n', replace:'\n                            ', string:security_boms);
    else report += 'n/a';
    report += '\n';

    security_hole(port:0, extra:report);
  }
  else security_hole(0);
}
VendorProductVersionCPE
applemac_os_xcpe:/o:apple:mac_os_x

References

Related

nessus 73
securityvulns 9
altlinux 7
openvas 51
debian 6
suse 8
freebsd 6
osv 3
vmware 1
fedora 5
amazon 3
ubuntu 4
oraclelinux 2
ibm 5
slackware 4
threatpost 1
f5 3
ubuntucve 4
prion 1
cve 1
redhat 1
freebsd_advisory 1
nessus
nessus
Mac OS X 10.8.x < 10.8.5 Multiple Vulnerabilities
2013-09-13 00:00:00
FreeBSD : PostgreSQL -- anonymous remote access data corruption vulnerability (3f332f16-9b6b-11e2-8fe9-08002798f6ff)
2013-04-08 00:00:00
Fedora 18 : postgresql-9.2.4-1.fc18 (2013-4951)
2013-04-07 00:00:00
securityvulns
securityvulns
APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004
2013-10-03 00:00:00
[USN-1789-1] PostgreSQL vulnerabilities
2013-04-08 00:00:00
PostgreSQL multiple security vulnerabilities
2013-04-08 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package apache2 version 2.2.24-alt1
2013-04-14 00:00:00
Security fix for the ALT Linux 9 package apache2 version 2.2.24-alt1
2013-04-14 00:00:00
Security fix for the ALT Linux 8 package apache2 version 2.2.24-alt1
2013-04-14 00:00:00
openvas
openvas
Debian Security Advisory DSA 2658-1 (postgresql-9.1 - several vulnerabilities)
2013-04-04 00:00:00
Amazon Linux: Security Advisory (ALAS-2013-178)
2015-09-08 00:00:00
SuSE Update for postgresql92 openSUSE-SU-2013:0628-1 (postgresql92)
2013-12-10 00:00:00
debian
debian
[SECURITY] [DSA 2657-1] postgresql-8.4 security update
2013-04-04 13:47:32
[SECURITY] [DSA 2658-1] postgresql-9.1 security update
2013-04-04 14:06:34
[SECURITY] [DSA 2658-1] postgresql-9.1 security update
2013-04-04 14:06:34
suse
suse
postgresql: security and bugfix update to 9.0.13 (important)
2013-04-08 07:04:30
Security update for PostgreSQL (important)
2013-04-05 19:06:20
postgresql92: Various security fixes. Update to 9.2.4. (important)
2013-04-05 10:04:42
freebsd
freebsd
PostgreSQL -- anonymous remote access data corruption vulnerability
2013-04-04 00:00:00
OpenSSL -- TLS 1.1, 1.2 denial of service
2013-02-05 00:00:00
apache22 -- several vulnerabilities
2012-10-07 00:00:00
osv
osv
postgresql-9.1 - several
2013-04-04 00:00:00
php5 - several vulnerabilities
2013-03-05 00:00:00
postgresql-8.4 - guessable random numbers
2013-04-04 00:00:00
vmware
vmware
VMware vFabric Postgres security updates
2013-04-04 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: postgresql-9.2.4-1.fc19
2013-04-20 19:59:46
[SECURITY] Fedora 18 Update: postgresql-9.2.4-1.fc18
2013-04-05 22:59:41
[SECURITY] Fedora 18 Update: httpd-2.4.4-2.fc18
2013-04-01 03:30:25
amazon
amazon
Critical: postgresql9
2013-04-04 11:49:00
Medium: httpd
2013-03-26 21:25:00
Medium: httpd24
2013-03-26 21:29:00
ubuntu
ubuntu
PostgreSQL vulnerabilities
2013-04-04 00:00:00
OpenSSL vulnerabilities
2013-02-21 00:00:00
OpenSSL vulnerability
2013-03-25 00:00:00
oraclelinux
oraclelinux
bind security and enhancement update
2013-02-28 00:00:00
bind security update
2012-11-29 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in ClearCase OpenSSL Component (CVE-2013-0169, CVE-2012-2686, CVE-2013-0166)
2018-06-17 04:46:06
Security Bulletin: Tivoli Management Framework affected by vulnerabilities in OpenSSL 1.0.1c
2022-09-25 21:06:56
Security Bulletin: IBM Tivoli Netcool System Service Monitors/Application Service Monitors is affected by multiple OpenSSL vulnerabilities
2022-09-26 05:45:55
slackware
slackware
openssl
2013-02-09 15:03:57
httpd
2013-03-03 15:02:33
php
2013-03-23 20:35:59
threatpost
threatpost
Six Security Flaws Fixed in BIND 9.9.2
2012-12-05 16:15:32
f5
f5
SOL15865 - Apache HTTP server vulnerability CVE-2012-4558
2014-11-25 00:00:00
K14201 : BIND denial-of-service attack CVE-2012-5166/CVE-2012-4244
2014-08-26 00:00:00
SOL14201 - BIND denial-of-service attack CVE-2012-5166/CVE-2012-4244
2013-02-11 00:00:00
ubuntucve
ubuntucve
CVE-2012-4558
2013-02-26 00:00:00
CVE-2013-1824
2013-09-16 00:00:00
CVE-2013-1643
2013-03-06 00:00:00
prion
prion
Xxe
2013-03-06 13:10:00
cve
cve
CVE-2013-1643
2013-03-06 13:10:00
redhat
redhat
(RHSA-2012:1365) Important: bind security update
2012-10-12 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-12:06.bind
2012-11-22 00:00:00
JSON
Related for MACOSX_SECUPD2013-004.NASL
nessus73securityvulns9altlinux7openvas51debian6suse8freebsd6osv3vmware1fedora5amazon3ubuntu4oraclelinux2ibm5slackware4threatpost1f53ubuntucve4prion1cve1redhat1freebsd_advisory1