Mac OS X 10.6.x < 10.6.7 Multiple Vulnerabilities

high Nessus Plugin ID 52754

Synopsis

The remote host is missing a Mac OS X update that fixes several security issues.

Description

The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.7.

Mac OS X 10.6.7 contains security fixes for the following products :

- AirPort
- Apache
- AppleScript
- ATS
- bzip2
- CarbonCore
- ClamAV
- CoreText
- File Quarantine
- HFS
- ImageIO
- Image RAW
- Installer
- Kerberos
- Kernel
- Libinfo
- libxml
- Mailman
- PHP
- QuickLook
- QuickTime
- Ruby
- Samba
- Subversion
- Terminal
- X11

Solution

Upgrade to Mac OS X 10.6.7 or later.

See Also

http://support.apple.com/kb/HT4581

http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html

Plugin Details

Severity: High

ID: 52754

File Name: macosx_10_6_7.nasl

Version: 1.33

Type: combined

Agent: macosx

Published: 3/22/2011

Updated: 8/22/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.0

CVSS v2

Risk Factor: High

Base Score: 7.6

Temporal Score: 6.3

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/21/2011

Vulnerability Publication Date: 12/18/2006

Exploitable With

CANVAS (CANVAS)

Core Impact

Reference Information

CVE: CVE-2006-7243, CVE-2010-0405, CVE-2010-1323, CVE-2010-1324, CVE-2010-1452, CVE-2010-2068, CVE-2010-2950, CVE-2010-3069, CVE-2010-3089, CVE-2010-3315, CVE-2010-3434, CVE-2010-3709, CVE-2010-3710, CVE-2010-3801, CVE-2010-3802, CVE-2010-3814, CVE-2010-3855, CVE-2010-3870, CVE-2010-4008, CVE-2010-4009, CVE-2010-4020, CVE-2010-4021, CVE-2010-4150, CVE-2010-4260, CVE-2010-4261, CVE-2010-4409, CVE-2010-4479, CVE-2010-4494, CVE-2011-0170, CVE-2011-0172, CVE-2011-0173, CVE-2011-0174, CVE-2011-0175, CVE-2011-0176, CVE-2011-0177, CVE-2011-0178, CVE-2011-0179, CVE-2011-0180, CVE-2011-0181, CVE-2011-0182, CVE-2011-0183, CVE-2011-0184, CVE-2011-0186, CVE-2011-0187, CVE-2011-0188, CVE-2011-0189, CVE-2011-0190, CVE-2011-0191, CVE-2011-0192, CVE-2011-0193, CVE-2011-0194, CVE-2011-1417

BID: 40827, 43212, 43555, 43926, 44214, 44605, 44643, 44718, 44779, 44980, 45116, 45117, 45118, 45119, 45122, 45152, 46832, 46965, 46966, 46971, 46972, 46973, 46982, 46984, 46987, 46988, 46989, 46990, 46991, 46992, 46993, 46994, 46995, 46996, 46997, 47023

IAVB: 2010-B-0083