Mac OS X 10.7 / 10.8 Unauthorized File Access (remote check)

Medium Nessus Plugin ID 66836

Synopsis

The remote Mac OS X host is affected by an unauthorized file access
vulnerability.

Description

The remote Mac OS X host is affected by an unauthorized file access
vulnerability. If SMB file sharing is enabled, an authenticated user
may be able to write files outside the shared directory.

Solution

Install Security Update 2013-002 or later.

See Also

http://support.apple.com/kb/HT5784

http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html

http://www.securityfocus.com/archive/1/526808/30/0/threaded

Plugin Details

Severity: Medium

ID: 66836

File Name: macosx_cve-2013-0990.nasl

Version: 2.2

Type: remote

Family: Misc.

Published: 2013/06/06

Modified: 2018/07/14

Dependencies: 10785

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 4.9

Temporal Score: 3.6

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2013/06/04

Vulnerability Publication Date: 2013/06/04

Reference Information

CVE: CVE-2013-0990

BID: 60239