Mac OS X AFP Shared Folders Unauthenticated Access (Security Update 2010-006) (uncredentialed check)

This script is Copyright (C) 2010-2017 Tenable Network Security, Inc.

Synopsis :

The remote host is missing a Mac OS X update that fixes a security

Description :

The remote host is running a version of Mac OS X 10.6 that does not
have Security Update 2010-006 applied.

This security update fixes an issue in AFP Server by which a remote
attacker with knowledge of an account name on the affected system
may be able to bypass the password validation and access AFP shared

Note that this issue is only exploitable when File Sharing is enabled,
and it is not by default.

See also :

Solution :

Install Security Update 2010-006 or later.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 49308 ()

Bugtraq ID: 43341

CVE ID: CVE-2010-1820

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now