Mac OS X Multiple Vulnerabilities (Security Update 2006-004)

Critical Nessus Plugin ID 22125

Synopsis

The remote operating system is missing a vendor-supplied patch.

Description

The remote host is running Apple Mac OS X, but lacks Security Update 2006-004.

This security update contains fixes for the following applications :

AFP Server Bluetooth Bom DHCP dyld fetchmail gnuzip ImageIO LaunchServices OpenSSH telnet WebKit

Solution

Mac OS X 10.4 :

http://www.apple.com/support/downloads/securityupdate2006004macosx1047clientintel.html http://www.apple.com/support/downloads/securityupdate2006004macosx1047clientppc.html

Mac OS X 10.3 :

http://www.apple.com/support/downloads/securityupdate20060041039client.html http://www.apple.com/support/downloads/securityupdate20060041039server.html

See Also

http://www.nessus.org/u?6e97e41a

Plugin Details

Severity: Critical

ID: 22125

File Name: macosx_SecUpd2006-004.nasl

Version: 1.23

Type: local

Agent: macosx

Published: 2006/08/01

Updated: 2018/07/14

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Required KB Items: Host/MacOSX/packages

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2006/08/01

Vulnerability Publication Date: 2006/06/26

Exploitable With

Metasploit (Apple iOS MobileMail LibTIFF Buffer Overflow)

Reference Information

CVE: CVE-2005-0488, CVE-2005-0988, CVE-2005-1228, CVE-2005-2335, CVE-2005-3088, CVE-2005-4348, CVE-2006-0321, CVE-2006-0392, CVE-2006-0393, CVE-2006-1472, CVE-2006-1473, CVE-2006-3459, CVE-2006-3461, CVE-2006-3462, CVE-2006-3465, CVE-2006-3495, CVE-2006-3496, CVE-2006-3497, CVE-2006-3498, CVE-2006-3499, CVE-2006-3500, CVE-2006-3501, CVE-2006-3502, CVE-2006-3503, CVE-2006-3504, CVE-2006-3505

BID: 19289