Mac OS X Multiple Vulnerabilities (Security Update 2008-001)

critical Nessus Plugin ID 30254

Synopsis

The remote host is missing a Mac OS X update that fixes various security issues.

Description

The remote host is running a version of Mac OS X 10.4 that does not have the security update 2008-001 applied.

This update contains several security fixes for a number of programs.

Solution

Install Security Update 2008-001 or later.

See Also

http://docs.info.apple.com/article.html?artnum=307430

http://lists.apple.com/archives/security-announce/2008/Feb/msg00002.html

http://www.securityfocus.com/advisories/13987

Plugin Details

Severity: Critical

ID: 30254

File Name: macosx_SecUpd2008-001.nasl

Version: 1.26

Type: local

Agent: macosx

Published: 2/12/2008

Updated: 5/28/2024

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x:10.4

Required KB Items: Host/MacOSX/packages, Host/uname

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/11/2008

Vulnerability Publication Date: 1/17/2007

Reference Information

CVE: CVE-2007-0355, CVE-2007-4568, CVE-2007-6015, CVE-2008-0035, CVE-2008-0037, CVE-2008-0038, CVE-2008-0039, CVE-2008-0040, CVE-2008-0041, CVE-2008-0042

BID: 22101, 25898, 26791, 27296, 27736

CWE: 119, 189, 200, 264, 399, 94