Mac OS X v10.6.8 Multiple Vulnerabilities (2011-004)

This host is missing an important security update according to Mac OS X 10.5.8 Update/Mac OS X Security Update 2011-004. OpenVAS Vulnerability Test $Id: secpodmacosxsu11-004.nasl 7015 2017-08-28 11:51:24Z teissa $ Mac OS X v10.6.8 Multiple Vulnerabilities 2011-004 Authors: Antu Sanadi Copyright:...

About the security content of Mac OS X v10.6.8 and Security Update 2011-004

About the security content of Mac OS X v10.6.8 and Security Update 2011-004 Last Modified: June 23, 2011 Article: HT4723 Email this article Print this page Summary This document describes of Mac OS X v10.6.8 and Security Update 2011-004, which can be downloaded and installed via Software Update...

CVE-2011-0199

The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation EV certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate...

CVE-2011-0199

CVE-2011-0199 affects Apple Mac OS X’s Certificate Trust Policy prior to 10.6.8. The issue is an EV certificate handling error where, if OCSP URLs are absent and CRL checking is enabled, CRL is not checked and a revoked EV certificate may be accepted, enabling MITM-style spoofing of SSL. Public d...