Mac OS X Multiple Vulnerabilities (Security Update 2009-001)

Critical Nessus Plugin ID 35684

Synopsis

The remote host is missing a Mac OS X update that fixes various security issues.

Description

The remote host is running a version of Mac OS X 10.5 or 10.4 that does not have Security Update 2009-001 applied.

This security update contains fixes for the following products :

- AFP Server
- Apple Pixlet Video
- CarbonCore
- CFNetwork
- Certificate Assistant
- ClamAV
- CoreText
- CUPS
- DS Tools
- fetchmail
- Folder Manager
- FSEvents
- Network Time
- perl
- Printing
- python
- Remote Apple Events
- Safari RSS
- servermgrd
- SMB
- SquirrelMail
- X11
- XTerm

Solution

Install Security Update 2009-001 or later.

See Also

http://support.apple.com/kb/ht3438

http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html

Plugin Details

Severity: Critical

ID: 35684

File Name: macosx_SecUpd2009-001.nasl

Version: 1.32

Type: local

Agent: macosx

Published: 2009/02/13

Updated: 2018/07/16

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2009/02/12

Reference Information

CVE: CVE-2006-1861, CVE-2006-3467, CVE-2007-1351, CVE-2007-1352, CVE-2007-1667, CVE-2007-4565, CVE-2007-4965, CVE-2008-1377, CVE-2008-1379, CVE-2008-1679, CVE-2008-1721, CVE-2008-1806, CVE-2008-1807, CVE-2008-1808, CVE-2008-1887, CVE-2008-1927, CVE-2008-2315, CVE-2008-2316, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362, CVE-2008-2379, CVE-2008-2711, CVE-2008-3142, CVE-2008-3144, CVE-2008-3663, CVE-2008-4864, CVE-2008-5031, CVE-2008-5050, CVE-2008-5183, CVE-2008-5314, CVE-2009-0009, CVE-2009-0011, CVE-2009-0012, CVE-2009-0013, CVE-2009-0014, CVE-2009-0015, CVE-2009-0017, CVE-2009-0018, CVE-2009-0019, CVE-2009-0020, CVE-2009-0137, CVE-2009-0138, CVE-2009-0139, CVE-2009-0140, CVE-2009-0141, CVE-2009-0142

BID: 25495, 25696, 28715, 28749, 28928, 29705, 30491, 31976, 32207, 32555, 33187, 33796, 33798, 33800, 33806, 33808, 33809, 33810, 33811, 33812, 33813, 33814, 33815, 33816, 33820, 33821

CWE: 20, 79, 119, 189, 255, 264, 287, 310, 362, 399