Mac OS X 10.6 < 10.6.8 Multiple Vulnerabilities

High Log Correlation Engine Plugin ID 800790

Synopsis

The remote host is missing a Mac OS X update that fixes a security issue.

Description

Versions of Mac OS X 10.6 earlier than 10.6.8 are potentially affected by a security issue. Mac OS X 10.6.8 contains a security fix for the following products :

- App Store

- ATS

- Certificate Trust Policy

- CoreFoundation

- CoreGraphics

- FTP Server

- ImageIO

- International Components for Unicode

- Kernel

- Libsystem

- libxslt

- MobileMe

- MySQL

- OpenSSL

- patch

- QuickLook

- QuickTime

- Samba

- servermgrd

- subversion
IAVA Reference : 2011-A-0160
IAVB Reference : 2012-B-0038
STIG Finding Severity : Category I

Solution

Upgrade to Mac OS X 10.6.8 or later.

See Also

support.apple.com/kb/HT4723

lists.apple.com/archives/security-announce/2011/Jun/msg00000.html

Plugin Details

Severity: High

ID: 800790

File Name: 800790.prm

Published: 2011/06/23

Nessus ID: 55416

Risk Information

Risk Factor: High

CVSSv2

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Patch Publication Date: 2011/06/23

Vulnerability Publication Date: 2011/06/23

Reference Information

CVE: CVE-2009-3245, CVE-2010-0740, CVE-2010-2632, CVE-2010-3677, CVE-2010-3682, CVE-2010-3790, CVE-2010-3833, CVE-2010-3834, CVE-2010-3835, CVE-2010-3836, CVE-2010-3837, CVE-2010-3838, CVE-2010-3864, CVE-2010-4180, CVE-2010-4651, CVE-2011-0014, CVE-2011-0195, CVE-2011-0197, CVE-2011-0198, CVE-2011-0199, CVE-2011-0201, CVE-2011-0202, CVE-2011-0203, CVE-2011-0204, CVE-2011-0205, CVE-2011-0206, CVE-2011-0207, CVE-2011-0208, CVE-2011-0209, CVE-2011-0210, CVE-2011-0211, CVE-2011-0212, CVE-2011-0213, CVE-2011-0715, CVE-2011-0719, CVE-2011-1132

BID: 38562, 39013, 42646, 42599, 43676, 44794, 44884, 45164, 46264, 46597, 46734, 46768, 48319, 48418, 48419, 48420, 48422, 48426, 48427, 48429, 48430, 48436, 48437, 48439, 48440, 48442, 48443, 48444, 48445, 48447