Mac OS X 10.8.x < 10.8.2 Multiple Vulnerabilities

Critical Nessus Plugin ID 62215

Synopsis

The remote host is missing a Mac OS X update that fixes several security issues.

Description

The remote host is running a version of Mac OS X 10.8.x that is prior to 10.8.2. The newer version contains multiple security-related fixes for the following components :

- BIND
- Data Security
- LoginWindow
- Mobile Accounts
- PHP

Solution

Upgrade to Mac OS X 10.8.2 or later.

See Also

http://support.apple.com/kb/HT5501

http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html

Plugin Details

Severity: Critical

ID: 62215

File Name: macosx_10_8_2.nasl

Version: 1.20

Type: combined

Agent: macosx

Published: 2012/09/20

Modified: 2018/07/16

Dependencies: 12634, 11936

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2012/09/19

Vulnerability Publication Date: 2011/11/16

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (PHP CGI Argument Injection)

Reference Information

CVE: CVE-2011-4313, CVE-2012-0831, CVE-2012-1172, CVE-2012-1667, CVE-2012-1823, CVE-2012-2143, CVE-2012-2311, CVE-2012-2386, CVE-2012-2688, CVE-2012-3718, CVE-2012-3720

BID: 47545, 50690, 51954, 53388, 53403, 53729, 53772, 54638, 56243, 56252