Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007) - Important security update require
Reporter | Title | Published | Views | Family All 199 |
---|---|---|---|---|
![]() | Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007) | 7 Sep 201100:00 | – | openvas |
![]() | Adobe Flash Player/Air Multiple Vulnerabilities (Jun 2010) - Windows | 22 Jun 201000:00 | – | openvas |
![]() | Adobe Flash Player/Air Multiple Vulnerabilities - June10 (Windows) | 22 Jun 201000:00 | – | openvas |
![]() | FreeBSD Ports: linux-flashplugin | 6 Jul 201000:00 | – | openvas |
![]() | Adobe Flash Player/Air Multiple Vulnerabilities - June10 (Linux) | 22 Jun 201000:00 | – | openvas |
![]() | SuSE Update for flash-player SUSE-SA:2010:024 | 23 Jun 201000:00 | – | openvas |
![]() | FreeBSD Ports: linux-flashplugin | 6 Jul 201000:00 | – | openvas |
![]() | SuSE Update for flash-player SUSE-SA:2010:024 | 23 Jun 201000:00 | – | openvas |
![]() | Adobe Flash Player/Air Multiple Vulnerabilities (Jun 2010) - Linux | 22 Jun 201000:00 | – | openvas |
![]() | Gentoo Security Advisory GLSA 201101-09 (adobe-flash) | 9 Mar 201100:00 | – | openvas |
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_macosx_su10-007.nasl 7052 2017-09-04 11:50:51Z teissa $
#
# Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007)
#
# Authors:
# Madhuri D <[email protected]>
#
# Copyright:
# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
tag_impact = "Successful exploitation could allow attackers to execute arbitrary code in
the context of the browser, obtain potentially sensitive information or cause
a denial-of-service condition.
Impact Level: System/Application";
tag_affected = "AFP Server
Apache mod_perl
Apache
AppKit
ATS
CFNetwork
CoreGraphics
CoreText
CUPS
Flash Player plug-in
gzip
Image Capture
ImageIO
Image RAW
MySQL
neon
OpenLDAP
OpenSSL
Password Server
PHP
python
Apple iWork
Apple Safari
Apple iTunes
QuickLook
QuickTime
Wiki Server
xar
X11
Time Machine
WebKit Open Source";
tag_insight = "For more information on the vulnerabilities refer to the links below.";
tag_solution = "Run Mac Updates and update the Security Update 2010-007
For updates refer to http://support.apple.com/kb/HT4435";
tag_summary = "This host is missing an important security update according to
Mac OS X 10.6.5 Update/Mac OS X Security Update 2010-007";
if(description)
{
script_id(802144);
script_version("$Revision: 7052 $");
script_tag(name:"last_modification", value:"$Date: 2017-09-04 13:50:51 +0200 (Mon, 04 Sep 2017) $");
script_tag(name:"creation_date", value:"2011-09-07 08:36:57 +0200 (Wed, 07 Sep 2011)");
script_cve_id("CVE-2010-1828", "CVE-2010-1829", "CVE-2010-1830", "CVE-2009-0796",
"CVE-2010-0408", "CVE-2010-0434", "CVE-2010-1842", "CVE-2010-1831",
"CVE-2010-1832", "CVE-2010-1833", "CVE-2010-4010", "CVE-2010-1752",
"CVE-2010-1834", "CVE-2010-1836", "CVE-2010-1837", "CVE-2010-2941",
"CVE-2010-1838", "CVE-2010-1840", "CVE-2010-0105", "CVE-2010-1841",
"CVE-2008-4546", "CVE-2009-3793", "CVE-2010-0209", "CVE-2010-1297",
"CVE-2010-2160", "CVE-2010-2161", "CVE-2010-2162", "CVE-2010-2163",
"CVE-2010-2164", "CVE-2010-2165", "CVE-2010-2166", "CVE-2010-2167",
"CVE-2010-2169", "CVE-2010-2170", "CVE-2010-2171", "CVE-2010-2172",
"CVE-2010-2173", "CVE-2010-2174", "CVE-2010-2175", "CVE-2010-2176",
"CVE-2010-2177", "CVE-2010-2178", "CVE-2010-2179", "CVE-2010-2180",
"CVE-2010-2181", "CVE-2010-2182", "CVE-2010-2183", "CVE-2010-2184",
"CVE-2010-2185", "CVE-2010-2186", "CVE-2010-2187", "CVE-2010-2189",
"CVE-2010-2188", "CVE-2010-2213", "CVE-2010-2214", "CVE-2010-2215",
"CVE-2010-2216", "CVE-2010-2884", "CVE-2010-3636", "CVE-2010-3638",
"CVE-2010-3639", "CVE-2010-3640", "CVE-2010-3641", "CVE-2010-3642",
"CVE-2010-3643", "CVE-2010-3644", "CVE-2010-3645", "CVE-2010-3646",
"CVE-2010-3647", "CVE-2010-3648", "CVE-2010-3649", "CVE-2010-3650",
"CVE-2010-3652", "CVE-2010-3654", "CVE-2010-3976", "CVE-2010-0001",
"CVE-2009-2624", "CVE-2010-1844", "CVE-2010-1845", "CVE-2010-1811",
"CVE-2010-1846", "CVE-2010-1847", "CVE-2010-1848", "CVE-2010-1849",
"CVE-2010-1850", "CVE-2009-2473", "CVE-2009-2474", "CVE-2010-1843",
"CVE-2010-0211", "CVE-2010-0212", "CVE-2010-1378", "CVE-2010-3783",
"CVE-2010-0397", "CVE-2010-2531", "CVE-2010-2484", "CVE-2010-3784",
"CVE-2009-4134", "CVE-2010-1449", "CVE-2010-1450", "CVE-2010-3785",
"CVE-2010-3786", "CVE-2010-3787", "CVE-2010-3788", "CVE-2010-3789",
"CVE-2010-3790", "CVE-2010-3791", "CVE-2010-3792", "CVE-2010-3793",
"CVE-2010-3794", "CVE-2010-3795", "CVE-2010-3796", "CVE-2010-1803",
"CVE-2010-3797", "CVE-2010-0205", "CVE-2010-3798", "CVE-2009-0946",
"CVE-2010-2497", "CVE-2010-2498", "CVE-2010-2499", "CVE-2010-2500",
"CVE-2010-2519", "CVE-2010-2520", "CVE-2010-2805", "CVE-2010-2806",
"CVE-2010-2807", "CVE-2010-2808", "CVE-2010-3053", "CVE-2010-3054",
"CVE-2011-1417", "CVE-2010-1205", "CVE-2010-2249", "CVE-2011-1290",
"CVE-2011-1344");
script_bugtraq_id(44812, 44799, 46832, 46849, 46822, 41174, 44803, 44832,
44802, 44805, 44729, 41049, 44811, 44806, 44808, 44530,
31537, 40809, 42363, 40586, 40779, 40781, 40801, 40803,
40780, 40782, 40783, 40802, 40807, 40789, 40784, 40795,
40800, 40805, 40785, 40787, 40788, 40790, 40808, 40791,
40792, 40794, 40793, 40796, 40806, 40786, 40797, 40799,
40798, 42364, 49303, 42361, 42362, 43205, 44691, 44693,
44692, 44675, 44677, 44678, 44679, 44680, 44681, 44682,
44683, 44684, 44685, 44686, 44687, 44504, 44671, 37886,
37888, 44813, 44819, 43076, 44822, 44840, 40109, 40100,
40106, 36080, 36079, 44784, 41770, 44831, 41770, 44833,
38708, 41991, 44835, 44794, 44792, 44790, 44789, 44794,
44792, 44814, 44834, 44829, 38478, 44828, 34550, 41663,
42285, 42624, 42621, 46832, 41174, 46849, 46822);
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_name("Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007)");
script_xref(name : "URL" , value : "http://support.apple.com/kb/HT4435");
script_xref(name : "URL" , value : "http://www.securitytracker.com/id?1024723");
script_xref(name : "URL" , value : "http://lists.apple.com/archives/security-announce//2011//Jul/msg00003.html");
script_xref(name : "URL" , value : "http://lists.apple.com/archives/security-announce//2011//Mar/msg00000.html");
script_xref(name : "URL" , value : "http://lists.apple.com/archives/security-announce//2011//Apr/msg00004.html");
script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
script_category(ACT_GATHER_INFO);
script_family("Mac OS X Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_require_ports("Services/ssh", 22);
script_mandatory_keys("ssh/login/osx_name","ssh/login/osx_version");
script_tag(name : "impact" , value : tag_impact);
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-macosx.inc");
include("version_func.inc");
## Get the OS name
osName = get_kb_item("ssh/login/osx_name");
if(!osName){
exit (0);
}
## Get the OS Version
osVer = get_kb_item("ssh/login/osx_version");
if(!osVer){
exit(0);
}
## Check for the Mac OS X
if("Mac OS X" >< osName && "Server" >!< osName)
{
## Check the affected OS versions
if(version_is_less_equal(version:osVer, test_version:"10.5.8") ||
version_in_range(version:osVer, test_version:"10.6.0", test_version2:"10.6.4"))
{
## Check for the security update 2010.007
if(isosxpkgvuln(fixed:"com.apple.pkg.update.security.", diff:"2010.007"))
{
security_message(0);
exit(0);
}
}
}
## Check for the Mac OS X Server
if("Mac OS X Server" >< osName)
{
## Check the affected OS versions
if(version_is_less_equal(version:osVer, test_version:"10.5.8") ||
version_in_range(version:osVer, test_version:"10.6", test_version2:"10.6.4"))
{
## Check for the security update 2010.007
if(isosxpkgvuln(fixed:"com.apple.pkg.update.security.", diff:"2010.007"))
{
security_message(0);
exit(0);
}
}
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo