Mac OS X Multiple Vulnerabilities (Security Update 2015-004) (FREAK)

critical Nessus Plugin ID 82700

Synopsis

The remote host is missing a Mac OS X update that fixes multiple security vulnerabilities.

Description

The remote host is running a version of Mac OS X 10.8.5 or 10.9.5 that is missing Security Update 2015-004. It is, therefore, affected multiple vulnerabilities in the following components :

- Apache
- ATS
- Certificate Trust Policy
- CoreAnimation
- FontParser
- Graphics Driver
- ImageIO
- IOHIDFamily
- Kernel
- LaunchServices
- Open Directory Client
- OpenLDAP
- OpenSSL
- PHP
- QuickLook
- SceneKit
- Security - Code SIgning
- UniformTypeIdentifiers

Note that successful exploitation of the most serious issues can result in arbitrary code execution.

Solution

Install Security Update 2015-004 or later.

See Also

https://support.apple.com/en-us/HT204659

http://www.nessus.org/u?cf90c4cb

Plugin Details

Severity: Critical

ID: 82700

File Name: macosx_SecUpd2015-004.nasl

Version: 1.17

Type: local

Agent: macosx

Published: 4/10/2015

Updated: 2/11/2022

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.2

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2015-1132

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Required KB Items: Host/local_checks_enabled, Host/MacOSX/Version, Host/MacOSX/packages/boms

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/8/2015

Vulnerability Publication Date: 4/8/2015

CISA Known Exploited Vulnerability Due Dates: 8/10/2022

Exploitable With

CANVAS (CANVAS)

Metasploit (Mac OS X IOKit Keyboard Driver Root Privilege Escalation)

Reference Information

CVE: CVE-2013-0118, CVE-2013-5704, CVE-2013-6438, CVE-2013-6712, CVE-2014-0098, CVE-2014-0117, CVE-2014-0118, CVE-2014-0207, CVE-2014-0226, CVE-2014-0231, CVE-2014-0237, CVE-2014-0238, CVE-2014-2497, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3523, CVE-2014-3538, CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-3587, CVE-2014-3597, CVE-2014-3668, CVE-2014-3669, CVE-2014-3670, CVE-2014-3710, CVE-2014-3981, CVE-2014-4049, CVE-2014-4380, CVE-2014-4404, CVE-2014-4405, CVE-2014-4670, CVE-2014-4698, CVE-2014-5120, CVE-2014-8275, CVE-2014-8830, CVE-2015-0204, CVE-2015-1091, CVE-2015-1093, CVE-2015-1098, CVE-2015-1099, CVE-2015-1100, CVE-2015-1101, CVE-2015-1104, CVE-2015-1117, CVE-2015-1131, CVE-2015-1132, CVE-2015-1133, CVE-2015-1134, CVE-2015-1135, CVE-2015-1136, CVE-2015-1137, CVE-2015-1139, CVE-2015-1140, CVE-2015-1143, CVE-2015-1144, CVE-2015-1145, CVE-2015-1146, CVE-2015-1147, CVE-2015-1545, CVE-2015-1546

BID: 58128, 64018, 66233, 66303, 66550, 67759, 67765, 67837, 68007, 68120, 68238, 68239, 68241, 68243, 68348, 68511, 68513, 68678, 68740, 68742, 68745, 68747, 69322, 69325, 69375, 69938, 69942, 69947, 70611, 70665, 70666, 70807, 71934, 71935, 71936, 71937, 71939, 71942, 72328, 72519, 73176, 73984

APPLE-SA: APPLE-SA-2015-04-08-2

CERT: 243585