Mac OS X 10.6 < 10.6.5 Multiple Vulnerabilities

This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote host is missing a Mac OS X update that fixes various
security issues.

Description :

The remote host is running a version of Mac OS X 10.6 that is older
than version 10.6.5.

Mac OS X 10.6.5 contains security fixes for the following products :

- AFP Server
- Apache mod_perl
- Apache
- AppKit
- ATS
- CFNetwork
- CoreGraphics
- CoreText
- CUPS
- Directory Services
- diskdev_cmds
- Disk Images
- Flash Player plug-in
- gzip
- Image Capture
- ImageIO
- Image RAW
- Kernel
- MySQL
- neon
- Networking
- OpenLDAP
- OpenSSL
- Password Server
- PHP
- Printing
- python
- QuickLook
- QuickTime
- Safari RSS
- Time Machine
- Wiki Server
- X11
- xar

See also :

http://support.apple.com/kb/HT4435
http://lists.apple.com/archives/security-announce/2010/Nov/msg00000.html

Solution :

Upgrade to Mac OS X 10.6.5 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: MacOS X Local Security Checks

Nessus Plugin ID: 50548 ()

Bugtraq ID: 31537
34383
34550
36079
38478
38491
38494
38708
39658
40361
40363
40365
40586
40779
40780
40781
40782
40783
40784
40785
40786
40787
40788
40789
40790
40791
40792
40793
40794
40795
40796
40797
40798
40799
40800
40801
40802
40803
40805
40806
40807
40808
40809
41049
41174
41770
42285
42621
42624
44504
44530
44671
44784
44785
44787
44789
44790
44792
44794
44795
44796
44798
44799
44800
44802
44803
44804
44805
44806
44807
44808
44811
44812
44813
44814
44815
44816
44817
44819
44822
44828
44829
44831
44832
44833
44834
44835
44840

CVE ID: CVE-2008-4546
CVE-2009-0796
CVE-2009-0946
CVE-2009-2473
CVE-2009-2474
CVE-2009-2624
CVE-2009-3793
CVE-2009-4134
CVE-2010-0001
CVE-2010-0105
CVE-2010-0205
CVE-2010-0209
CVE-2010-0211
CVE-2010-0212
CVE-2010-0397
CVE-2010-0408
CVE-2010-0434
CVE-2010-1205
CVE-2010-1297
CVE-2010-1378
CVE-2010-1449
CVE-2010-1450
CVE-2010-1752
CVE-2010-1803
CVE-2010-1811
CVE-2010-1828
CVE-2010-1829
CVE-2010-1830
CVE-2010-1831
CVE-2010-1832
CVE-2010-1833
CVE-2010-1834
CVE-2010-1836
CVE-2010-1837
CVE-2010-1838
CVE-2010-1840
CVE-2010-1841
CVE-2010-1842
CVE-2010-1843
CVE-2010-1844
CVE-2010-1845
CVE-2010-1846
CVE-2010-1847
CVE-2010-1848
CVE-2010-1849
CVE-2010-1850
CVE-2010-2160
CVE-2010-2161
CVE-2010-2162
CVE-2010-2163
CVE-2010-2164
CVE-2010-2165
CVE-2010-2166
CVE-2010-2167
CVE-2010-2169
CVE-2010-2170
CVE-2010-2171
CVE-2010-2172
CVE-2010-2173
CVE-2010-2174
CVE-2010-2175
CVE-2010-2176
CVE-2010-2177
CVE-2010-2178
CVE-2010-2179
CVE-2010-2180
CVE-2010-2181
CVE-2010-2182
CVE-2010-2183
CVE-2010-2184
CVE-2010-2185
CVE-2010-2186
CVE-2010-2187
CVE-2010-2188
CVE-2010-2189
CVE-2010-2213
CVE-2010-2214
CVE-2010-2215
CVE-2010-2216
CVE-2010-2249
CVE-2010-2497
CVE-2010-2498
CVE-2010-2499
CVE-2010-2500
CVE-2010-2519
CVE-2010-2520
CVE-2010-2531
CVE-2010-2805
CVE-2010-2806
CVE-2010-2807
CVE-2010-2808
CVE-2010-2884
CVE-2010-2941
CVE-2010-3053
CVE-2010-3054
CVE-2010-3636
CVE-2010-3638
CVE-2010-3639
CVE-2010-3640
CVE-2010-3641
CVE-2010-3642
CVE-2010-3643
CVE-2010-3644
CVE-2010-3645
CVE-2010-3646
CVE-2010-3647
CVE-2010-3648
CVE-2010-3649
CVE-2010-3650
CVE-2010-3652
CVE-2010-3654
CVE-2010-3783
CVE-2010-3784
CVE-2010-3785
CVE-2010-3786
CVE-2010-3787
CVE-2010-3788
CVE-2010-3789
CVE-2010-3790
CVE-2010-3791
CVE-2010-3792
CVE-2010-3793
CVE-2010-3794
CVE-2010-3795
CVE-2010-3796
CVE-2010-3797
CVE-2010-3798
CVE-2010-3976