Lucene search
Copyright (C) 2010 LSSOPENVAS:1361412562310102027HistoryMay 12, 2010 - 12:00 a.m.
Mac OS X Security Update (HT3776)
2010-05-1200:00:00
Copyright (C) 2010 LSS
plugins.openvas.org
20
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
AI Score
7.8
Confidence
High
EPSS
0.964
Percentile
99.6%
The remote host is missing Security Update 2009-004.
# SPDX-FileCopyrightText: 2010 LSS
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.102027");
script_version("2023-07-28T16:09:07+0000");
script_tag(name:"last_modification", value:"2023-07-28 16:09:07 +0000 (Fri, 28 Jul 2023)");
script_tag(name:"creation_date", value:"2010-05-12 14:48:44 +0200 (Wed, 12 May 2010)");
script_cve_id("CVE-2009-0696");
script_name("Mac OS X Security Update (HT3776)");
script_tag(name:"cvss_base", value:"4.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:N/A:P");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2010 LSS");
script_family("Mac OS X Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/osx_name", "ssh/login/osx_version", re:"ssh/login/osx_version=^10\.[45]\.");
script_xref(name:"URL", value:"http://support.apple.com/kb/HT3776");
script_tag(name:"summary", value:"The remote host is missing Security Update 2009-004.");
script_tag(name:"affected", value:"One or more of the following components are affected:
BIND");
script_tag(name:"solution", value:"Update your Mac OS X operating system. Please see the references for more information.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-macosx.inc");
include("version_func.inc");
ssh_osx_name = get_kb_item("ssh/login/osx_name");
if (!ssh_osx_name) exit (0);
ssh_osx_ver = get_kb_item("ssh/login/osx_version");
if (!ssh_osx_ver || ssh_osx_ver !~ "^10\.[45]\.") exit (0);
ssh_osx_rls = ssh_osx_name + ' ' + ssh_osx_ver;
pkg_for_ver = make_list("Mac OS X 10.4.11","Mac OS X Server 10.4.11","Mac OS X 10.5.8","Mac OS X Server 10.5.8");
if (rlsnotsupported(rls:ssh_osx_rls, list:pkg_for_ver)) { security_message( port: 0, data: "The target host was found to be vulnerable" ); exit(0);}
if (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:"Mac OS X 10.4.11")) {
if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:"Mac OS X 10.4.11"))) { security_message( port: 0, data: "The target host was found to be vulnerable" ); exit(0);}
else if((ssh_osx_ver == osx_ver(ver:"Mac OS X 10.4.11")) && (isosxpkgvuln(fixed:"com.apple.pkg.update.security.", diff:"2009.004"))) { security_message( port: 0, data: "The target host was found to be vulnerable" ); exit(0);}
}
if (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:"Mac OS X Server 10.4.11")) {
if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:"Mac OS X Server 10.4.11"))) { security_message( port: 0, data: "The target host was found to be vulnerable" ); exit(0);}
else if((ssh_osx_ver == osx_ver(ver:"Mac OS X Server 10.4.11")) && (isosxpkgvuln(fixed:"com.apple.pkg.update.security.", diff:"2009.004"))) { security_message( port: 0, data: "The target host was found to be vulnerable" ); exit(0);}
}
if (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:"Mac OS X 10.5.8")) {
if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:"Mac OS X 10.5.8"))) { security_message( port: 0, data: "The target host was found to be vulnerable" ); exit(0);}
else if((ssh_osx_ver == osx_ver(ver:"Mac OS X 10.5.8")) && (isosxpkgvuln(fixed:"com.apple.pkg.update.security.", diff:"2009.004"))) { security_message( port: 0, data: "The target host was found to be vulnerable" ); exit(0);}
}
if (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:"Mac OS X Server 10.5.8")) {
if(version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:"Mac OS X Server 10.5.8"))) { security_message( port: 0, data: "The target host was found to be vulnerable" ); exit(0);}
else if((ssh_osx_ver == osx_ver(ver:"Mac OS X Server 10.5.8")) && (isosxpkgvuln(fixed:"com.apple.pkg.update.security.", diff:"2009.004"))) { security_message( port: 0, data: "The target host was found to be vulnerable" ); exit(0);}
}
References
Related
osv
osv
bind9 - denial of service
2009-07-29 00:00:00
bind-9.10.3P4-21.1 on GA media
2024-06-15 00:00:00
f5
f5
SOL10366 - BIND vulnerability - CVE-2009-0696
2009-07-28 00:00:00
K10366 : BIND vulnerability - CVE-2009-0696
2013-06-28 00:00:00
openvas
openvas
Fedora Core 11 FEDORA-2009-8119 (bind)
2009-08-17 00:00:00
CentOS Security Advisory CESA-2009:1181 (bind)
2009-08-17 00:00:00
SLES11: Security update for bind
2009-10-11 00:00:00
nessus
nessus
CentOS 3 : bind (CESA-2009:1181)
2009-07-30 00:00:00
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 8.1 / 9.0 / 9.1 / current : bind (SSA:2009-210-01)
2011-05-28 00:00:00
Oracle Linux 5 : bind (ELSA-2009-1179)
2013-07-12 00:00:00
freebsd
freebsd
BIND -- Dynamic update message remote DoS
2009-07-28 00:00:00
redhat
redhat
(RHSA-2009:1179) Important: bind security update
2009-07-29 00:00:00
(RHSA-2009:1181) Important: bind security and bug fix update
2009-07-29 00:00:00
(RHSA-2009:1180) Important: bind security and bug fix update
2009-07-29 00:00:00
centos
centos
bind, caching security update
2009-07-29 19:12:50
bind security update
2009-07-30 19:55:19
bind security update
2009-07-29 20:55:11
debian
debian
[SECURITY] [DSA 1847-1] New bind9 packages fix denial of service
2009-07-29 07:21:21
securityvulns
securityvulns
cvelist
cvelist
CVE-2009-0696
2009-07-29 17:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:33:36
seebug
seebug
ISC BIND 9θΏη¨ε¨ζζ΄ζ°ζΆζ―ζη»ζε‘ζΌζ΄
2009-07-29 00:00:00
exploitdb
exploitdb
ISC BIND 9 - Remote Dynamic Update Message Denial of Service (PoC)
2009-07-30 00:00:00
prion
prion
Design/Logic Flaw
2009-07-29 17:30:00
cert
cert
ISC BIND 9 vulnerable to denial of service via dynamic update request
2009-07-28 00:00:00
oraclelinux
oraclelinux
bind security and bug fix update
2009-07-29 00:00:00
bind security and bug fix update
2009-07-29 00:00:00
bind security update
2009-07-29 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: bind-9.6.1-4.P1.fc11
2009-07-30 03:55:31
[SECURITY] Fedora 10 Update: bind-9.5.1-3.P3.fc10
2009-07-30 03:55:44
[SECURITY] Fedora 11 Update: bind-9.6.1-7.P2.fc11
2009-11-27 21:40:17
checkpoint_advisories
checkpoint_advisories
BIND 9 DNS Server Dynamic Update Denial of Service (CVE-2009-0696)
2009-08-02 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package bind version 9.3.6-alt5
2009-07-28 00:00:00
Security fix for the ALT Linux 8 package bind version 9.3.6-alt5
2009-07-28 00:00:00
Security fix for the ALT Linux 5 package bind version 9.3.6-alt5
2009-07-28 00:00:00
checkpoint_security
checkpoint_security
Check Point response to ISC BIND 9 DoS vulnerability (CVE-2009-0696)
2009-08-08 21:00:00
ubuntucve
ubuntucve
CVE-2009-0696
2009-07-29 00:00:00
debiancve
debiancve
CVE-2009-0696
2009-07-29 17:30:00
nvd
nvd
CVE-2009-0696
2009-07-29 17:30:00
gentoo
gentoo
BIND: Denial of service
2009-08-01 00:00:00
ubuntu
ubuntu
Bind vulnerability
2009-07-29 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-09:12.bind
2009-07-29 00:00:00
slackware
slackware
bind
2009-07-29 22:52:55
suse
suse
remote denial of service in bind
2009-07-30 16:51:35
cve
cve
CVE-2009-0696
2009-07-29 17:30:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
AI Score
7.8
Confidence
High
EPSS
0.964
Percentile
99.6%
Related for OPENVAS:1361412562310102027