Mac OS X 10.6 < 10.6.7 Multiple Vulnerabilities

High Log Correlation Engine Plugin ID 800796

Synopsis

The remote host is missing a Mac OS X update that fixes a security issue.

Description

Versions of Mac OS X 10.6 earlier than 10.6.7 are potentially affected by a security issue. Mac OS X 10.6.7 contains a security fix for the following products :

- Airport

- Apache

- AppleScript

- ATS

- bzip2

- CarbonCore

- ClamAV

- CoreText

- HFS

- ImageIO

- Image RAW

- Installer

- Kerberos

- Kernel

- Libinfo

- libxml

- Mailman

- PHP

- QuickLook

- QuickTime

- Ruby

- Samba

- Subversion

- Terminal

- X11
IAVB Reference : 2010-B-0083
STIG Finding Severity : Category II

Solution

Upgrade to Mac OS X 10.6.7 or later.

See Also

support.apple.com/kb/HT4581

lists.apple.com/archives/security-announce/2011/Mar/msg00006.html

Plugin Details

Severity: High

ID: 800796

File Name: 800796.prm

Published: 2011/03/21

Nessus ID: 52754

Risk Information

Risk Factor: High

CVSSv2

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Patch Publication Date: 2011/03/21

Vulnerability Publication Date: 2011/03/21

Exploitable With

CANVAS (CANVAS)

Reference Information

CVE: CVE-2006-7243, CVE-2010-0405, CVE-2010-1323, CVE-2010-1324, CVE-2010-1452, CVE-2010-2068, CVE-2010-2950, CVE-2010-3069, CVE-2010-3089, CVE-2010-3315, CVE-2010-3434, CVE-2010-3436, CVE-2010-3709, CVE-2010-3710, CVE-2010-3801, CVE-2010-3802, CVE-2010-3814, CVE-2010-3855, CVE-2010-3870, CVE-2010-4008, CVE-2010-4009, CVE-2010-4020, CVE-2010-4021, CVE-2010-4150, CVE-2010-4260, CVE-2010-4261, CVE-2010-4409, CVE-2010-4479, CVE-2010-4494, CVE-2011-0170, CVE-2011-0172, CVE-2011-0173, CVE-2011-0174, CVE-2011-0175, CVE-2011-0176, CVE-2011-0177, CVE-2011-0178, CVE-2011-0179, CVE-2011-0180, CVE-2011-0181, CVE-2011-0182, CVE-2011-0183, CVE-2011-0184, CVE-2011-0186, CVE-2011-0187, CVE-2011-0188, CVE-2011-0189, CVE-2011-0190, CVE-2011-0191, CVE-2011-0192, CVE-2011-0193, CVE-2011-0194, CVE-2011-1417

BID: 40827, 41963, 43187, 43212, 43331, 43678, 43555, 43926, 44214, 44779, 44605, 44643, 44718, 44723, 44951, 44980, 45116, 45117, 45118, 45119, 45122, 45152, 45239, 45240, 45241, 45617, 46657, 46658, 46659, 46832, 46965, 46966, 46971, 46972, 46973, 46982, 46984, 46987, 46988, 46989, 46990, 46991, 46992, 46993, 46994, 46995, 46996, 46997, 47023