This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote host has an application installed that is prone to a
The remote Mac OS X host has Apple Xcode prior to 5.0 installed. It,
therefore, includes a version of git in which the imap-send command
reportedly does not verify that a server hostname matches the domain
name in its X.509 certificate. A man-in-the-middle attacker could
leverage this vulnerability to spoof SSL servers via an arbitrary
See also :
Upgrade to Apple Xcode version 5.0 or later, available for OS X
Mountain Lion 10.8.4 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true