iTunes < 10.5.1 Update Authenticity Verification Weakness (uncredentialed check)

This script is Copyright (C) 2011-2012 Tenable Network Security, Inc.


Synopsis :

The remote host contains an application that is susceptible to a
man-in-the-middle attack.

Description :

The version of iTunes installed on the remote host is earlier than
10.5.1. As such, it uses an unsecured HTTP connection when checking
for or retrieving software updates, which could allow a
man-in-the-middle attacker to provide a Trojan horse update that
appears to originate from Apple.

See also :

http://archives.neohapsis.com/archives/bugtraq/2008-07/0250.html
http://support.apple.com/kb/HT5030
http://lists.apple.com/archives/security-announce/2011/Nov/msg00003.html

Solution :

Upgrade to iTunes 10.5.1 or later.

Risk factor :

Medium / CVSS Base Score : 5.1
(CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 4.2
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Peer-To-Peer File Sharing

Nessus Plugin ID: 56873 ()

Bugtraq ID: 50672

CVE ID: CVE-2008-3434