Apple iOS < 5.0 Multiple Vulnerabilities

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

Report iOS devices older than 5.0.

Description :

The mobile device is running a version of iOS that is older than
version 5.0. Version 5.0 contains numerous security-related fixes for
the following vulnerabilities :

- Apple iOS Calendar Synchronization SSL Certificate
Validation Information Disclosure Vulnerability
(CVE-2011-3253)

- Apple iOS Calendar Cross-Site Scripting Vulnerability
(CVE-2011-3254)

- Apple iOS CFNetwork Information Disclosure Vulnerability
(CVE-2011-3255)

- Apple iOS and Mac OS X CFNetwork Cross Domain
Information Disclosure Vulnerability (CVE-2011-3246)

- Apple Mac OS X CoreFoundation Memory Corruption
Vulnerability (CVE-2011-0259)

- FreeType Font Document Multiple Memory Corruption
Vulnerabilities (CVE-2011-3256)

- Apple Mac OS X QuickTime Cross-Domain Information
Disclosure Vulnerability (CVE-2011-0187)

- Apple iOS Mail Cookie Synchronization Validation
Information Disclosure Vulnerability (CVE-2011-3257)

- SSL/TLS Protocol Initialization Vector Implementation
Information Disclosure Vulnerability (CVE-2011-3389)

- Opera Web Browser Information Disclosure Vulnerability

- Apple iOS Home Screen Information Disclosure
Vulnerability (CVE-2011-3431)

- libTIFF CCITT Group 4 Encoded TIFF Image Buffer Overflow
Vulnerability (CVE-2011-0192)

- Apple Safari ImageIO TIFF Image Handling Heap Buffer
Overflow Vulnerability (CVE-2011-0241)

- Apple Mac OS X ICU Buffer Overflow Vulnerability
(CVE-2011-0206)

- Apple Kernel TCP Exhaustion Denial of Service
Vulnerability (CVE-2011-3259)

- Apple Mac OS X IPV6 Socket Options Denial of Service
Vulnerability (CVE-2011-1132)

- Apple iOS Keyboard Information Disclosure Vulnerability
(CVE-2011-3245)

- Apple Safari 'libxml' Remote Code Execution
Vulnerability (CVE-2011-0216)

- Apple iPhone/iPad/iPod Touch prior to iOS 5 Buffer
Overflow Vulnerability (CVE-2011-3260)

- Apple iPhone/iPad/iPod Touch prior to iOS 5 Remote Code
Execution Vulnerability (CVE-2011-3261)

- Apple Mac OS X QuickLook Office File Memory Corruption
Vulnerability (CVE-2011-0208)

- Apple Mac OS X QuickLook Remote Code Execution
Vulnerability (CVE-2011-0184)

- Apple iPhone/iPad/iPod Touch 'Content-Disposition'
Header Cross-Site Scripting Vulnerability
(CVE-2011-3246)

- Apple iOS Parental Restrictions Passcode Information
Disclosure Vulnerability (CVE-2011-3249)

- Apple iOS Insecure Misleading UI Insecure
Configuration Weakness (CVE-2011-3430)

- Apple iOS Remote Denial of Service Vulnerability
(CVE-2011-3432)

- WebKit Memory Corruption Remote Code Execution
Vulnerability (CVE-2011-0218)

- WebKit Memory Corruption Remote Code Execution
Vulnerability (CVE-2011-0221)

- WebKit Memory Corruption Remote Code Execution
Vulnerability (CVE-2011-0222)

- WebKit Memory Corruption Remote Code Execution
Vulnerability (CVE-2011-0225)

- WebKit Memory Corruption Remote Code Execution
Vulnerability (CVE-2011-0232)

- WebKit FrameOwner Element Memory Corruption Remote
Code Execution Vulnerability (CVE-2011-0233)

- WebKit Malformed XHTML Tags Use-After-Free
Memory Corruption Vulnerability (CVE-2011-0234)

- WebKit Memory Corruption Remote Code Execution
Vulnerability (CVE-2011-0235)

- WebKit Memory Corruption Remote Code Execution
Vulnerability (CVE-2011-0238)

- WebKit 'NamedNodeMap.cpp' Memory Corruption Remote
Code Execution Vulnerability (CVE-2011-0254)

- WebKit Memory Corruption Remote Code Execution
Vulnerability (CVE-2011-0255)

- Google Chrome prior to 9.0.597.94 Multiple Security
Vulnerabilities (CVE-2011-0981)

- Google Chrome prior to 9.0.597.107 Multiple Security
Vulnerabilities (CVE-2011-1109)

- Google Chrome prior to 10.0.648.127 Multiple Security
Vulnerabilities (CVE-2011-1188)

- WebKit Memory Corruption Remote Code Execution
Vulnerability (CVE-2011-1288)

- Google Chrome prior to 10.0.648.204 Multiple Security
Vulnerabilities (CVE-2011-1293)

- Google Chrome prior to 11.0.696.57 Multiple Security
Vulnerabilities (CVE-2011-1449)

- WebKit MathML Tags Use-After-Free Remote Code Execution
Vulnerability

- WebKit Memory Corruption Remote Code Execution
Vulnerability (CVE-2011-1453)

- WebKit Memory Corruption Remote Code Execution
Vulnerability (CVE-2011-1457)

- WebKit Memory Corruption Remote Code Execution
Vulnerability (CVE-2011-1462)

- WebKit Memory Corruption Remote Code Execution
Vulnerability (CVE-2011-1797)

- WebKit Multiple Unspecified Remote Code Execution
Vulnerabilities (CVE-2011-2338)

- WebKit Style Sheet Elements Remote Code Execution
Vulnerability (CVE-2011-2341)

- Google Chrome Prior to 12.0.742.112 Multiple Security
Vulnerabilities (CVE-2011-2351)

- Google Chrome Prior to 13.0.782.107 Multiple Security
Vulnerabilities (CVE-2011-2359)

- Google Chrome Prior to 13.0.782.215 Multiple Security
Vulnerabilities (CVE-2011-2823)

- Mozilla Firefox/Thunderbird/SeaMonkey YARR Remote Code
Execution Vulnerability (CVE-2011-3232)

- Google Chrome Prior to 14.0.835.163 Multiple Security
Vulnerabilities (CVE-2011-3234)

- WebKit Embedded URL Cross Domain Scripting Vulnerability
(CVE-2011-0242)

- WebKit Address Bar URI Spoofing Vulnerability
(CVE-2011-1107)

- WebKit 'libxslt' Remote Code Execution Vulnerability
(CVE-2011-1774)

- WebKit 'HTML5' Drag and Drop Cross-Origin Information
Disclosure Vulnerability (CVE-2011-0166)

- WebKit Inactive DOM Windows Cross Domain Scripting
Vulnerability (CVE-2011-3243)

- Apple iOS WiFi Credentials Information Disclosure
Vulnerability (CVE-2011-3234)

See also :

http://support.apple.com/kb/HT4999

Solution :

Apple has released a set of patches for your iOS-based device.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Mobile Devices

Nessus Plugin ID: 60026

CVE ID: CVE-2011-3253
CVE-2011-3254
CVE-2011-3255
CVE-2011-3246
CVE-2011-0259
CVE-2011-3256
CVE-2011-0187
CVE-2011-3257
CVE-2011-3427
CVE-2011-3389
CVE-2011-3431
CVE-2011-0192
CVE-2011-0241
CVE-2011-0206
CVE-2011-3259
CVE-2011-1132
CVE-2011-3245
CVE-2011-0216
CVE-2011-3260
CVE-2011-3261
CVE-2011-0208
CVE-2011-0184
CVE-2011-3426
CVE-2011-3429
CVE-2011-3430
CVE-2011-3432
CVE-2011-0218
CVE-2011-0221
CVE-2011-0222
CVE-2011-0225
CVE-2011-0232
CVE-2011-0233
CVE-2011-0234
CVE-2011-0235
CVE-2011-0238
CVE-2011-0254
CVE-2011-0255
CVE-2011-0981
CVE-2011-0983
CVE-2011-1109
CVE-2011-1114
CVE-2011-1115
CVE-2011-1117
CVE-2011-1121
CVE-2011-1188
CVE-2011-1203
CVE-2011-1204
CVE-2011-1288
CVE-2011-1293
CVE-2011-1296
CVE-2011-1449
CVE-2011-1451
CVE-2011-1453
CVE-2011-1457
CVE-2011-1462
CVE-2011-1797
CVE-2011-2338
CVE-2011-2339
CVE-2011-2341
CVE-2011-2351
CVE-2011-2352
CVE-2011-2354
CVE-2011-2356
CVE-2011-2359
CVE-2011-2788
CVE-2011-2790
CVE-2011-2792
CVE-2011-2797
CVE-2011-2799
CVE-2011-2809
CVE-2011-2813
CVE-2011-2814
CVE-2011-2816
CVE-2011-2817
CVE-2011-2818
CVE-2011-2820
CVE-2011-2823
CVE-2011-2827
CVE-2011-2831
CVE-2011-3232
CVE-2011-3234
CVE-2011-3235
CVE-2011-3236
CVE-2011-3237
CVE-2011-3244
CVE-2011-0242
CVE-2011-1295
CVE-2011-1107
CVE-2011-1774
CVE-2011-0166
CVE-2011-1190
CVE-2011-2805
CVE-2011-3243
CVE-2011-2819
CVE-2011-2800
CVE-2011-3434