Mac OS X Multiple Vulnerabilities (Security Update 2012-004) (BEAST)

critical Nessus Plugin ID 62213

Synopsis

The remote host is missing a Mac OS X update that fixes multiple security vulnerabilities.

Description

The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2012-004 applied. This update contains multiple security-related fixes for the following components :

- Apache
- Data Security
- DirectoryService
- ImageIO
- International Components for Unicode
- Mail
- PHP
- QuickLook
- QuickTime
- Ruby

Solution

Install Security Update 2012-004 or later.

See Also

http://www.zerodayinitiative.com/advisories/ZDI-12-185/

http://seclists.org/fulldisclosure/2012/Nov/111

http://support.apple.com/kb/HT5501

http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html

https://www.imperialviolet.org/2011/09/23/chromeandbeast.html

https://www.openssl.org/~bodo/tls-cbc.txt

Plugin Details

Severity: Critical

ID: 62213

File Name: macosx_SecUpd2012-004.nasl

Version: 1.28

Type: local

Agent: macosx

Published: 9/20/2012

Updated: 12/5/2022

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2012-2688

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Required KB Items: Host/local_checks_enabled, Host/MacOSX/Version, Host/MacOSX/packages/boms

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/19/2012

Vulnerability Publication Date: 7/15/2011

CISA Known Exploited Vulnerability Due Dates: 4/15/2022

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (PHP CGI Argument Injection)

Reference Information

CVE: CVE-2011-3026, CVE-2011-3048, CVE-2011-3368, CVE-2011-3389, CVE-2011-3607, CVE-2011-4317, CVE-2011-4599, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053, CVE-2012-0650, CVE-2012-0668, CVE-2012-0670, CVE-2012-0671, CVE-2012-0831, CVE-2012-1172, CVE-2012-1173, CVE-2012-1667, CVE-2012-1823, CVE-2012-2143, CVE-2012-2311, CVE-2012-2386, CVE-2012-2688, CVE-2012-3719, CVE-2012-3722

BID: 47545, 49778, 49957, 50494, 50802, 51006, 51407, 51705, 51706, 51954, 52049, 52830, 52891, 53388, 53403, 53579, 53582, 53584, 53729, 53772, 54638, 56240, 56241

APPLE-SA: APPLE-SA-2012-09-19-2

CERT: 864643