Detections
Analytics

Mac OS X Multiple Vulnerabilities (Security Update 2009-001)

critical Nessus Plugin ID 35684

Synopsis

The remote host is missing a Mac OS X update that fixes various security issues.

Description

The remote host is running a version of Mac OS X 10.5 or 10.4 that does not have Security Update 2009-001 applied.

This security update contains fixes for the following products :

 - AFP Server
 - Apple Pixlet Video
 - CarbonCore
 - CFNetwork
 - Certificate Assistant
 - ClamAV
 - CoreText
 - CUPS
 - DS Tools
 - fetchmail
 - Folder Manager
 - FSEvents
 - Network Time
 - perl
 - Printing
 - python
 - Remote Apple Events
 - Safari RSS
 - servermgrd
 - SMB
 - SquirrelMail
 - X11
 - XTerm

Solution

Install Security Update 2009-001 or later.

See Also

http://support.apple.com/kb/ht3438

http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html

Plugin Details

Severity: Critical

ID: 35684

File Name: macosx_SecUpd2009-001.nasl

Version: 1.32

Type: local

Agent: macosx

Published: 2/13/2009

Updated: 7/16/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Required KB Items: Host/MacOSX/packages, Host/uname

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/12/2009

Reference Information

CVE: CVE-2006-1861, CVE-2006-3467, CVE-2007-1351, CVE-2007-1352, CVE-2007-1667, CVE-2007-4565, CVE-2007-4965, CVE-2008-1377, CVE-2008-1379, CVE-2008-1679, CVE-2008-1721, CVE-2008-1806, CVE-2008-1807, CVE-2008-1808, CVE-2008-1887, CVE-2008-1927, CVE-2008-2315, CVE-2008-2316, CVE-2008-2360, CVE-2008-2361, CVE-2008-2362, CVE-2008-2379, CVE-2008-2711, CVE-2008-3142, CVE-2008-3144, CVE-2008-3663, CVE-2008-4864, CVE-2008-5031, CVE-2008-5050, CVE-2008-5183, CVE-2008-5314, CVE-2009-0009, CVE-2009-0011, CVE-2009-0012, CVE-2009-0013, CVE-2009-0014, CVE-2009-0015, CVE-2009-0017, CVE-2009-0018, CVE-2009-0019, CVE-2009-0020, CVE-2009-0137, CVE-2009-0138, CVE-2009-0139, CVE-2009-0140, CVE-2009-0141, CVE-2009-0142

BID: 25495, 25696, 28715, 28749, 28928, 29705, 30491, 31976, 32207, 32555, 33187, 33796, 33798, 33800, 33806, 33808, 33809, 33810, 33811, 33812, 33813, 33814, 33815, 33816, 33820, 33821

CWE: 119, 189, 20, 255, 264, 287, 310, 362, 399, 79