How to Buy
This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote host has an application installed that is prone to a
The remote Mac OS X host has Apple Xcode prior to 5.0 installed. It,
therefore, includes a version of git in which the imap-send command
reportedly does not verify that a server hostname matches the domain
name in its X.509 certificate. A man-in-the-middle attacker could
leverage this vulnerability to spoof SSL servers via an arbitrary
See also :
Upgrade to Apple Xcode version 5.0 or later, available for OS X
Mountain Lion 10.8.4 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true
Family: MacOS X Local Security Checks
Nessus Plugin ID: 70093 ()
Bugtraq ID: 58148
CVE ID: CVE-2013-0308
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.