Mac OS X Fraudulent DigiNotar Digital Certificates (Security Update 2011-005)

This script is Copyright (C) 2011-2012 Tenable Network Security, Inc.

Synopsis :

The remote Mac OS X host contains support for an untrusted
certificate authority.

Description :

The remote host is running a version of Mac OS X 10.6 or 10.7 that
does not have Security Update 2011-005 applied. Due to the issuance
of several fraudulent SSL certificates, this security update removes
DigiNotar from the list of trusted root certificates as well as the
list of Extended Validation (EV) certificate authorities. It also
configures default system trust settings so that DigiNotar's
certificates, including those issued by other authorities, are not

See also :

Solution :

Install Security Update 2011-005 or later.

Risk factor :

Medium / CVSS Base Score : 5.8

Family: MacOS X Local Security Checks

Nessus Plugin ID: 56141 ()

Bugtraq ID:


Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial