Mac OS X 10.6 < 10.6.8 Multiple Vulnerabilities

high Log Correlation Engine Plugin ID 800790

Synopsis

The remote host is missing a Mac OS X update that fixes a security issue.

Description

Versions of Mac OS X 10.6 earlier than 10.6.8 are potentially affected by a security issue. Mac OS X 10.6.8 contains a security fix for the following products :

- App Store

- ATS

- Certificate Trust Policy

- CoreFoundation

- CoreGraphics

- FTP Server

- ImageIO

- International Components for Unicode

- Kernel

- Libsystem

- libxslt

- MobileMe

- MySQL

- OpenSSL

- patch

- QuickLook

- QuickTime

- Samba

- servermgrd

- subversion
IAVA Reference : 2011-A-0160
IAVB Reference : 2012-B-0038
STIG Finding Severity : Category I

Solution

Upgrade to Mac OS X 10.6.8 or later.

See Also

support.apple.com/kb/HT4723

lists.apple.com/archives/security-announce/2011/Jun/msg00000.html

Plugin Details

Severity: High

ID: 800790

Published: 6/23/2011

Updated: 6/23/2011

Nessus ID: 55416

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Patch Publication Date: 6/23/2011

Vulnerability Publication Date: 6/23/2011

Reference Information

CVE: CVE-2010-4651, CVE-2010-4180, CVE-2011-0014, CVE-2010-3677, CVE-2010-3682, CVE-2010-3833, CVE-2010-3835, CVE-2010-3836, CVE-2010-3837, CVE-2010-3838, CVE-2009-3245, CVE-2011-0715, CVE-2010-3864, CVE-2011-0719, CVE-2010-0740, CVE-2010-3834, CVE-2011-0195, CVE-2010-2632, CVE-2011-0197, CVE-2011-0205, CVE-2011-0206, CVE-2010-3790, CVE-2011-1132, CVE-2011-0202, CVE-2011-0210, CVE-2011-0212, CVE-2011-0198, CVE-2011-0201, CVE-2011-0208, CVE-2011-0207, CVE-2011-0213, CVE-2011-0211, CVE-2011-0203, CVE-2011-0209, CVE-2011-0204, CVE-2011-0199

BID: 46768, 45164, 46264, 42599, 42646, 43676, 38562, 46734, 44884, 46597, 39013, 44794, 48319, 48418, 48419, 48420, 48422, 48426, 48427, 48429, 48430, 48436, 48437, 48439, 48440, 48442, 48443, 48444, 48445, 48447