This script is Copyright (C) 2013 Tenable Network Security, Inc.
The Mac OS X host has a remote management application that is
potentially affected by multiple vulnerabilities.
According to its version, the Apple Remote Desktop install on the
remote host is earlier than 3.5.4 / 3.7. As such, it is potentially
affected the following vulnerabilities :
- A format string vulnerability exists in Remote
Desktop's handling of a VNC username. (CVE-2013-5135)
- An information disclosure vulnerability exists because
Remote Desktop may use password authentication without
warning that the connection would be encrypted if a
third-party VNC server supports certain authentication
types. Note that this does not affect installs of
version 3.5.x or earlier. (CVE_2013-5136)
See also :
Upgrade to Apple Remote Desktop 3.5.4 / 3.7 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : false
Family: MacOS X Local Security Checks
Nessus Plugin ID: 70609 ()
Bugtraq ID: 6328463286
CVE ID: CVE-2013-5135CVE-2013-5136
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.