Mac OS X Multiple Vulnerabilities (Security Update 2014-005) (POODLE) (Shellshock)

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.


Synopsis :

The remote host is missing a Mac OS X update that fixes multiple
security issues.

Description :

The remote host is running a version of Mac OS X 10.8 or 10.9 that
does not have Security Update 2014-005 applied. This update contains
several security-related fixes for the following issues :

- A command injection vulnerability in GNU Bash known as
Shellshock. The vulnerability is due to the processing
of trailing strings after function definitions in the
values of environment variables. This allows a remote
attacker to execute arbitrary code via environment
variable manipulation depending on the configuration of
the system. (CVE-2014-6271, CVE-2014-7169)

- A man-in-the-middle (MitM) information disclosure
vulnerability known as POODLE. The vulnerability is due
to the way SSL 3.0 handles padding bytes when decrypting
messages encrypted using block ciphers in cipher block
chaining (CBC) mode. A MitM attacker can decrypt a
selected byte of a cipher text in as few as 256 tries if
they are able to force a victim application to
repeatedly send the same data over newly created SSL 3.0
connections. (CVE-2014-3566)

Note that successful exploitation of the most serious issues can
result in arbitrary code execution.

See also :

https://support.apple.com/en-us/HT203107
http://www.securityfocus.com/archive/1/533721/30/0/threaded
http://seclists.org/oss-sec/2014/q3/650
https://www.invisiblethreat.ca/post/shellshock/
https://www.imperialviolet.org/2014/10/14/poodle.html
https://www.openssl.org/~bodo/ssl-poodle.pdf
https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00

Solution :

Install Security Update 2014-005 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: MacOS X Local Security Checks

Nessus Plugin ID: 78551 ()

Bugtraq ID: 70103
70137
70574

CVE ID: CVE-2014-3566
CVE-2014-6271
CVE-2014-7169

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now