Mac OS X Multiple Vulnerabilities (Security Update 2005-009)

high Nessus Plugin ID 20249

Synopsis

The remote operating system is missing a vendor-supplied patch.

Description

The remote host is running Apple Mac OS X, but lacks Security Update 2005-009.

This security update contains fixes for the following applications :

- Apache2
- Apache_mod_ssl
- CoreFoundation
- curl
- iodbcadmintool
- OpenSSL
- passwordserver
- Safari
- sudo
- syslog

Solution

Mac OS X 10.4 :
http://www.apple.com/support/downloads/securityupdate2005009tigerclient.html http://www.apple.com/support/downloads/securityupdate2005009tigerserver.html

Mac OS X 10.3 :
http://www.apple.com/support/downloads/securityupdate2005009pantherclient.html http://www.apple.com/support/downloads/securityupdate2005009pantherserver.html

See Also

http://docs.info.apple.com/article.html?artnum=302847

Plugin Details

Severity: High

ID: 20249

File Name: macosx_SecUpd2005-009.nasl

Version: 1.21

Type: local

Agent: macosx

Published: 11/30/2005

Updated: 5/28/2024

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.6

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x:10.3, cpe:/o:apple:mac_os_x:10.4

Required KB Items: Host/MacOSX/packages

Exploit Ease: No known exploits are available

Patch Publication Date: 6/21/2005

Vulnerability Publication Date: 6/6/2005

Reference Information

CVE: CVE-2005-1993, CVE-2005-2088, CVE-2005-2272, CVE-2005-2491, CVE-2005-2700, CVE-2005-2757, CVE-2005-2969, CVE-2005-3185, CVE-2005-3700, CVE-2005-3701, CVE-2005-3702, CVE-2005-3704, CVE-2005-3705

BID: 13993, 14011, 14106, 14620, 14721, 15071, 15102, 16882, 16903, 16904, 16926, 29011