Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002

2010-05-12T00:00:00
ID OPENVAS:1361412562310102039
Type openvas
Reporter Copyright (C) 2010 LSS
Modified 2018-01-08T00:00:00

Description

The remote host is missing Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002. One or more of the following components are affected:

AppKit Application Firewall AFP Server Apache ClamAV CoreAudio CoreMedia CoreTypes CUPS curl Cyrus IMAP Cyrus SASL DesktopServices Disk Images Directory Services Dovecot Event Monitor FreeRADIUS FTP Server iChat Server ImageIO Image RAW Libsystem Mail Mailman MySQL OS Services Password Server perl PHP Podcast Producer Preferences PS Normalizer QuickTime Ruby Server Admin SMB Tomcat unzip vim Wiki Server X11 xar

                                        
                                            ###################################################################
# OpenVAS Vulnerability Test
#
# Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002
#
# LSS-NVT-2010-028
#
# Developed by LSS Security Team <http://security.lss.hr>
#
# Copyright (C) 2010 LSS <http://www.lss.hr>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program. If not, see
# <http://www.gnu.org/licenses/>.
###################################################################

tag_solution = "Update your Mac OS X operating system.

 For more information see:
 http://support.apple.com/kb/HT4077";

tag_summary = "The remote host is missing Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002.
 One or more of the following components are affected:

 AppKit
 Application Firewall
 AFP Server
 Apache
 ClamAV
 CoreAudio
 CoreMedia
 CoreTypes
 CUPS
 curl
 Cyrus IMAP
 Cyrus SASL
 DesktopServices
 Disk Images
 Directory Services
 Dovecot
 Event Monitor
 FreeRADIUS
 FTP Server
 iChat Server
 ImageIO
 Image RAW
 Libsystem
 Mail
 Mailman
 MySQL
 OS Services
 Password Server
 perl
 PHP
 Podcast Producer
 Preferences
 PS Normalizer
 QuickTime
 Ruby
 Server Admin
 SMB
 Tomcat
 unzip
 vim
 Wiki Server
 X11
 xar";


if(description)
{
 script_oid("1.3.6.1.4.1.25623.1.0.102039");
 script_version("$Revision: 8314 $");
 script_tag(name:"last_modification", value:"$Date: 2018-01-08 09:01:01 +0100 (Mon, 08 Jan 2018) $");
 script_tag(name:"creation_date", value:"2010-05-12 14:48:44 +0200 (Wed, 12 May 2010)");
 script_cve_id("CVE-2010-0056","CVE-2009-2801","CVE-2010-0057","CVE-2010-0533","CVE-2009-3095","CVE-2010-0058","CVE-2010-0059","CVE-2010-0060","CVE-2010-0062","CVE-2010-0063","CVE-2010-0393","CVE-2009-2417","CVE-2009-0037","CVE-2009-2632","CVE-2009-0688","CVE-2010-0064","CVE-2010-0537","CVE-2010-0065","CVE-2010-0497","CVE-2010-0498","CVE-2010-0535","CVE-2010-0500","CVE-2010-0524","CVE-2010-0501","CVE-2006-1329","CVE-2010-0502","CVE-2010-0503","CVE-2010-0504","CVE-2010-0505","CVE-2010-0041","CVE-2010-0042","CVE-2010-0043","CVE-2010-0506","CVE-2010-0507","CVE-2009-0689","CVE-2010-0508","CVE-2010-0525","CVE-2008-0564","CVE-2008-4456","CVE-2008-7247","CVE-2009-2446","CVE-2009-4019","CVE-2009-4030","CVE-2010-0509","CVE-2010-0510","CVE-2008-5302","CVE-2008-5303","CVE-2009-3557","CVE-2009-3558","CVE-2009-3559","CVE-2009-4017","CVE-2009-4142","CVE-2009-4143","CVE-2010-0511","CVE-2010-0512","CVE-2010-0513","CVE-2010-0514","CVE-2010-0515","CVE-2010-0516","CVE-2010-0517","CVE-2010-0518","CVE-2010-0519","CVE-2010-0520","CVE-2010-0526","CVE-2009-2422","CVE-2009-3009","CVE-2009-4214","CVE-2009-1904","CVE-2010-0521","CVE-2010-0522","CVE-2009-2906","CVE-2009-0580","CVE-2009-0033","CVE-2009-0783","CVE-2008-5515","CVE-2009-0781","CVE-2009-2901","CVE-2009-2902","CVE-2009-2693","CVE-2008-0888","CVE-2008-2712","CVE-2008-4101","CVE-2009-0316","CVE-2010-0523","CVE-2010-0534","CVE-2009-2042","CVE-2003-0063","CVE-2010-0055");
 script_name("Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002");
 script_tag(name:"cvss_base", value:"10.0");
 script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
 script_category(ACT_GATHER_INFO);
 script_copyright("Copyright (C) 2010 LSS");
 script_family("Mac OS X Local Security Checks");
 script_require_ports("Services/ssh", 22);
 script_dependencies("gather-package-list.nasl");
 script_mandatory_keys("ssh/login/osx_name","ssh/login/osx_version");
 script_tag(name : "summary" , value : tag_summary);
 script_tag(name : "solution" , value : tag_solution);
 script_tag(name:"qod_type", value:"package");
 script_tag(name:"solution_type", value:"VendorFix");
 exit(0);
}

include("pkg-lib-macosx.inc");
include("version_func.inc");

ssh_osx_name = get_kb_item("ssh/login/osx_name");
if (!ssh_osx_name) exit (0);

ssh_osx_ver = get_kb_item("ssh/login/osx_version");
if (!ssh_osx_ver) exit (0);

ssh_osx_rls = ssh_osx_name + ' ' + ssh_osx_ver;

pkg_for_ver = make_list("Mac OS X 10.5.8","Mac OS X Server 10.5.8","Mac OS X 10.6.2","Mac OS X Server 10.6.2");

if (rlsnotsupported(rls:ssh_osx_rls, list:pkg_for_ver)) { security_message(0); exit(0);}

if (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:"Mac OS X 10.5.8")) {
    if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:"Mac OS X 10.5.8"))) { security_message(0); exit(0);}
    else if ((ssh_osx_ver==osx_ver(ver:"Mac OS X 10.5.8")) && (isosxpkgvuln(fixed:"com.apple.pkg.update.security.", diff:"2010.002"))) { security_message(0); exit(0);}
}
if (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:"Mac OS X Server 10.5.8")) {
    if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:osx_ver(ver:"Mac OS X Server 10.5.8"))) { security_message(0); exit(0);}
    else if ((ssh_osx_ver==osx_ver(ver:"Mac OS X Server 10.5.8")) && (isosxpkgvuln(fixed:"com.apple.pkg.update.security.", diff:"2010.002"))) { security_message(0); exit(0);}
}
if (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:"Mac OS X 10.6.2")) {
    if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:"10.6.3")) { security_message(0); exit(0); }
}
if (osx_rls_name(rls:ssh_osx_rls) == osx_rls_name(rls:"Mac OS X Server 10.6.2")) {
    if (version_is_less(version:osx_ver(ver:ssh_osx_rls), test_version:"10.6.3")) { security_message(0); exit(0); }
}