Lucene search
Copyright (c) 2011 Greenbone Networks GmbHOPENVAS:802144HistorySep 07, 2011 - 12:00 a.m.
Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007)
2011-09-0700:00:00
Copyright (c) 2011 Greenbone Networks GmbH
plugins.openvas.org
31
0.973 High
EPSS
Percentile
99.9%
This host is missing an important security update according to
Mac OS X 10.6.5 Update/Mac OS X Security Update 2010-007
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_macosx_su10-007.nasl 7052 2017-09-04 11:50:51Z teissa $
#
# Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007)
#
# Authors:
# Madhuri D <[email protected]>
#
# Copyright:
# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
tag_impact = "Successful exploitation could allow attackers to execute arbitrary code in
the context of the browser, obtain potentially sensitive information or cause
a denial-of-service condition.
Impact Level: System/Application";
tag_affected = "AFP Server
Apache mod_perl
Apache
AppKit
ATS
CFNetwork
CoreGraphics
CoreText
CUPS
Flash Player plug-in
gzip
Image Capture
ImageIO
Image RAW
MySQL
neon
OpenLDAP
OpenSSL
Password Server
PHP
python
Apple iWork
Apple Safari
Apple iTunes
QuickLook
QuickTime
Wiki Server
xar
X11
Time Machine
WebKit Open Source";
tag_insight = "For more information on the vulnerabilities refer to the links below.";
tag_solution = "Run Mac Updates and update the Security Update 2010-007
For updates refer to http://support.apple.com/kb/HT4435";
tag_summary = "This host is missing an important security update according to
Mac OS X 10.6.5 Update/Mac OS X Security Update 2010-007";
if(description)
{
script_id(802144);
script_version("$Revision: 7052 $");
script_tag(name:"last_modification", value:"$Date: 2017-09-04 13:50:51 +0200 (Mon, 04 Sep 2017) $");
script_tag(name:"creation_date", value:"2011-09-07 08:36:57 +0200 (Wed, 07 Sep 2011)");
script_cve_id("CVE-2010-1828", "CVE-2010-1829", "CVE-2010-1830", "CVE-2009-0796",
"CVE-2010-0408", "CVE-2010-0434", "CVE-2010-1842", "CVE-2010-1831",
"CVE-2010-1832", "CVE-2010-1833", "CVE-2010-4010", "CVE-2010-1752",
"CVE-2010-1834", "CVE-2010-1836", "CVE-2010-1837", "CVE-2010-2941",
"CVE-2010-1838", "CVE-2010-1840", "CVE-2010-0105", "CVE-2010-1841",
"CVE-2008-4546", "CVE-2009-3793", "CVE-2010-0209", "CVE-2010-1297",
"CVE-2010-2160", "CVE-2010-2161", "CVE-2010-2162", "CVE-2010-2163",
"CVE-2010-2164", "CVE-2010-2165", "CVE-2010-2166", "CVE-2010-2167",
"CVE-2010-2169", "CVE-2010-2170", "CVE-2010-2171", "CVE-2010-2172",
"CVE-2010-2173", "CVE-2010-2174", "CVE-2010-2175", "CVE-2010-2176",
"CVE-2010-2177", "CVE-2010-2178", "CVE-2010-2179", "CVE-2010-2180",
"CVE-2010-2181", "CVE-2010-2182", "CVE-2010-2183", "CVE-2010-2184",
"CVE-2010-2185", "CVE-2010-2186", "CVE-2010-2187", "CVE-2010-2189",
"CVE-2010-2188", "CVE-2010-2213", "CVE-2010-2214", "CVE-2010-2215",
"CVE-2010-2216", "CVE-2010-2884", "CVE-2010-3636", "CVE-2010-3638",
"CVE-2010-3639", "CVE-2010-3640", "CVE-2010-3641", "CVE-2010-3642",
"CVE-2010-3643", "CVE-2010-3644", "CVE-2010-3645", "CVE-2010-3646",
"CVE-2010-3647", "CVE-2010-3648", "CVE-2010-3649", "CVE-2010-3650",
"CVE-2010-3652", "CVE-2010-3654", "CVE-2010-3976", "CVE-2010-0001",
"CVE-2009-2624", "CVE-2010-1844", "CVE-2010-1845", "CVE-2010-1811",
"CVE-2010-1846", "CVE-2010-1847", "CVE-2010-1848", "CVE-2010-1849",
"CVE-2010-1850", "CVE-2009-2473", "CVE-2009-2474", "CVE-2010-1843",
"CVE-2010-0211", "CVE-2010-0212", "CVE-2010-1378", "CVE-2010-3783",
"CVE-2010-0397", "CVE-2010-2531", "CVE-2010-2484", "CVE-2010-3784",
"CVE-2009-4134", "CVE-2010-1449", "CVE-2010-1450", "CVE-2010-3785",
"CVE-2010-3786", "CVE-2010-3787", "CVE-2010-3788", "CVE-2010-3789",
"CVE-2010-3790", "CVE-2010-3791", "CVE-2010-3792", "CVE-2010-3793",
"CVE-2010-3794", "CVE-2010-3795", "CVE-2010-3796", "CVE-2010-1803",
"CVE-2010-3797", "CVE-2010-0205", "CVE-2010-3798", "CVE-2009-0946",
"CVE-2010-2497", "CVE-2010-2498", "CVE-2010-2499", "CVE-2010-2500",
"CVE-2010-2519", "CVE-2010-2520", "CVE-2010-2805", "CVE-2010-2806",
"CVE-2010-2807", "CVE-2010-2808", "CVE-2010-3053", "CVE-2010-3054",
"CVE-2011-1417", "CVE-2010-1205", "CVE-2010-2249", "CVE-2011-1290",
"CVE-2011-1344");
script_bugtraq_id(44812, 44799, 46832, 46849, 46822, 41174, 44803, 44832,
44802, 44805, 44729, 41049, 44811, 44806, 44808, 44530,
31537, 40809, 42363, 40586, 40779, 40781, 40801, 40803,
40780, 40782, 40783, 40802, 40807, 40789, 40784, 40795,
40800, 40805, 40785, 40787, 40788, 40790, 40808, 40791,
40792, 40794, 40793, 40796, 40806, 40786, 40797, 40799,
40798, 42364, 49303, 42361, 42362, 43205, 44691, 44693,
44692, 44675, 44677, 44678, 44679, 44680, 44681, 44682,
44683, 44684, 44685, 44686, 44687, 44504, 44671, 37886,
37888, 44813, 44819, 43076, 44822, 44840, 40109, 40100,
40106, 36080, 36079, 44784, 41770, 44831, 41770, 44833,
38708, 41991, 44835, 44794, 44792, 44790, 44789, 44794,
44792, 44814, 44834, 44829, 38478, 44828, 34550, 41663,
42285, 42624, 42621, 46832, 41174, 46849, 46822);
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_name("Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007)");
script_xref(name : "URL" , value : "http://support.apple.com/kb/HT4435");
script_xref(name : "URL" , value : "http://www.securitytracker.com/id?1024723");
script_xref(name : "URL" , value : "http://lists.apple.com/archives/security-announce//2011//Jul/msg00003.html");
script_xref(name : "URL" , value : "http://lists.apple.com/archives/security-announce//2011//Mar/msg00000.html");
script_xref(name : "URL" , value : "http://lists.apple.com/archives/security-announce//2011//Apr/msg00004.html");
script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
script_category(ACT_GATHER_INFO);
script_family("Mac OS X Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_require_ports("Services/ssh", 22);
script_mandatory_keys("ssh/login/osx_name","ssh/login/osx_version");
script_tag(name : "impact" , value : tag_impact);
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-macosx.inc");
include("version_func.inc");
## Get the OS name
osName = get_kb_item("ssh/login/osx_name");
if(!osName){
exit (0);
}
## Get the OS Version
osVer = get_kb_item("ssh/login/osx_version");
if(!osVer){
exit(0);
}
## Check for the Mac OS X
if("Mac OS X" >< osName && "Server" >!< osName)
{
## Check the affected OS versions
if(version_is_less_equal(version:osVer, test_version:"10.5.8") ||
version_in_range(version:osVer, test_version:"10.6.0", test_version2:"10.6.4"))
{
## Check for the security update 2010.007
if(isosxpkgvuln(fixed:"com.apple.pkg.update.security.", diff:"2010.007"))
{
security_message(0);
exit(0);
}
}
}
## Check for the Mac OS X Server
if("Mac OS X Server" >< osName)
{
## Check the affected OS versions
if(version_is_less_equal(version:osVer, test_version:"10.5.8") ||
version_in_range(version:osVer, test_version:"10.6", test_version2:"10.6.4"))
{
## Check for the security update 2010.007
if(isosxpkgvuln(fixed:"com.apple.pkg.update.security.", diff:"2010.007"))
{
security_message(0);
exit(0);
}
}
}
Related
openvas
openvas
Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007)
2011-09-07 00:00:00
Adobe Flash Player/Air Multiple Vulnerabilities - June10 (Windows)
2010-06-22 00:00:00
Adobe Flash Player/Air Multiple Vulnerabilities (Jun 2010) - Windows
2010-06-22 00:00:00
securityvulns
securityvulns
About the security content of Mac OS X v10.6.5 and Security Update 2010-007
2010-11-18 00:00:00
Apple Mac OS X and QuickTime multiple security vulnerabilities
2013-11-18 00:00:00
Security update available for Adobe Flash Player
2010-06-11 00:00:00
nessus
nessus
Mac OS X 10.6 < 10.6.5 Multiple Vulnerabilities
2010-11-11 00:00:00
Mac OS X 10.6.x < 10.6.5 Multiple Vulnerabilities
2010-11-10 00:00:00
RHEL 3 / 4 : flash-plugin (RHSA-2010:0470)
2013-01-24 00:00:00
redhat
redhat
(RHSA-2010:0470) Critical: flash-plugin security update
2010-06-14 00:00:00
(RHSA-2010:0464) Critical: flash-plugin security update
2010-06-11 00:00:00
(RHSA-2010:0834) Critical: flash-plugin security update
2010-11-08 00:00:00
suse
suse
remote code execution in flash-player
2010-06-11 17:44:20
remote code execution in flash-player
2010-11-05 13:12:10
remote code execution in flash-player
2010-08-13 16:04:27
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2008-10-02 00:00:00
linux-flashplugin -- multiple vulnerabilities
2010-09-28 00:00:00
linux-flashplugin -- multiple vulnerabilities
2010-01-06 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2011-01-21 00:00:00
prion
prion
Memory corruption
2010-06-15 18:00:00
Memory corruption
2010-06-15 18:00:00
Memory corruption
2010-06-15 18:00:00
ubuntucve
ubuntucve
cve
cve
debian
debian
[SECURITY] [DSA 2070-1] New freetype packages fix several vulnerabilities
2010-07-14 20:04:45
n0where
n0where
General Purpose Fuzzing: Honggfuzz
2015-06-05 15:50:13
ubuntu
ubuntu
FreeType vulnerabilities
2010-07-20 00:00:00