Detections
Analytics

Mac OS X Multiple Vulnerabilities (Security Update 2013-001)

high Nessus Plugin ID 65578

Language:

Synopsis

The remote host is missing a Mac OS X update that fixes several security issues.

Description

The remote host is running a version of Mac OS X 10.6 or 10.7 that does not have Security Update 2013-001 applied. This update contains numerous security-related fixes for the following components :

 - Apache
 - CoreTypes (10.7 only)
 - International Components for Unicode
 - Identity Services (10.7 only)
 - ImageIO
 - Messages Server (Server only)
 - PDFKit
 - Podcast Producer Server (Server only)
 - PostgreSQL (Server only)
 - Profile Manager (10.7 Server only)
 - QuickTime
 - Ruby (10.6 Server only)
 - Security
 - Software Update
 - Wiki Server (10.7 Server only)

Note that the update also runs a malware removal tool that will remove the most common variants of malware.

Solution

Install Security Update 2013-001 or later.

See Also

http://www.zerodayinitiative.com/advisories/ZDI-13-055/

http://support.apple.com/kb/HT5672

http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html

http://www.securityfocus.com/archive/1/526003/30/0/threaded

Plugin Details

Severity: High

ID: 65578

File Name: macosx_SecUpd2013-001.nasl

Version: 1.18

Type: local

Agent: macosx

Published: 3/15/2013

Updated: 7/14/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Required KB Items: Host/local_checks_enabled, Host/MacOSX/Version, Host/MacOSX/packages/boms

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/14/2013

Vulnerability Publication Date: 3/28/2012

Exploitable With

Metasploit (Ruby on Rails JSON Processor YAML Deserialization Code Execution)

Reference Information

CVE: CVE-2011-3058, CVE-2012-2088, CVE-2012-3488, CVE-2012-3489, CVE-2012-3525, CVE-2012-3756, CVE-2013-0156, CVE-2013-0333, CVE-2013-0963, CVE-2013-0966, CVE-2013-0967, CVE-2013-0971, CVE-2013-0973

BID: 52762, 54270, 55072, 55074, 55167, 56552, 57187, 57575, 57598, 58509, 58513, 58514, 58516

APPLE-SA: APPLE-SA-2013-03-14-1