Mac OS X Multiple Vulnerabilities (Security Update 2004-05-03)

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.


Synopsis :

The remote host is missing a Mac OS X update that fixes a security
issue.

Description :

The remote host is missing Security Update 2004-05-03.
This security update includes updates for AFP Server, CoreFoundation,
and IPSec.

It also includes Security Update 2004-04-05, which includes updates
for CUPS, libxml2, Mail, and OpenSSL.

For Mac OS X 10.2.8, it also includes updates for Apache 1.3,
cd9660.util, Classic, CUPS, Directory Services, DiskArbitration,
fetchmail, fs_usage, gm4, groff, Mail, OpenSSL, Personal File Sharing,
PPP, rsync, Safari, System Configuration, System Initialization, and
zlib.

This update fixes various issues which may allow an attacker to
execute arbitrary code on the remote host.

See also :

http://support.apple.com/kb/HT1646
http://lists.apple.com/archives/security-announce/2004/May/msg00000.html

Solution :

Install Security Update 2004-05-03.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
Public Exploit Available : true

Family: MacOS X Local Security Checks

Nessus Plugin ID: 12518 (macosx_SecUpd20040503.nasl)

Bugtraq ID:

CVE ID: CVE-2004-0020
CVE-2004-0113
CVE-2004-0155
CVE-2004-0174
CVE-2004-0392
CVE-2004-0403
CVE-2004-0428
CVE-2004-0430