Mac OS X < 10.10 Multiple Vulnerabilities (POODLE) (Shellshock)

Critical Nessus Plugin ID 78550

Synopsis

The remote host is missing a Mac OS X update that fixes multiple vulnerabilities.

Description

The remote host is running a version of Mac OS X is prior to version 10.10. This update contains several security-related fixes for the following components :

- 802.1X
- AFP File Server
- apache
- App Sandbox
- Bash
- Bluetooth
- Certificate Trust Policy
- CFPreferences
- CoreStorage
- CUPS
- Dock
- fdesetup
- iCloud Find My Mac
- IOAcceleratorFamily
- IOHIDFamily
- IOKit
- Kernel
- LaunchServices
- LoginWindow
- Mail
- MCX Desktop Config Profiles
- NetFS Client Framework
- QuickTime
- Safari
- Secure Transport
- Security
- Security - Code Signing

Note that successful exploitation of the most serious issues can result in arbitrary code execution.

Solution

Upgrade to Mac OS X version 10.10 or later.

See Also

https://support.apple.com/kb/HT6535

http://www.securityfocus.com/archive/1/533720/30/0/threaded

http://seclists.org/oss-sec/2014/q3/650

https://www.invisiblethreat.ca/post/shellshock/

http://www.nessus.org/u?e40f2f5a

https://www.imperialviolet.org/2014/10/14/poodle.html

https://www.openssl.org/~bodo/ssl-poodle.pdf

https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00

http://www.nessus.org/u?c1fbcc64

Plugin Details

Severity: Critical

ID: 78550

File Name: macosx_10_10.nasl

Version: 1.27

Type: combined

Agent: macosx

Published: 2014/10/17

Updated: 2018/07/14

Dependencies: 11936, 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2014/10/16

Vulnerability Publication Date: 2013/09/19

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (Apache mod_cgi Bash Environment Variable Code Injection (Shellshock))

Reference Information

CVE: CVE-2011-2391, CVE-2013-5150, CVE-2013-6438, CVE-2014-0098, CVE-2014-3537, CVE-2014-3566, CVE-2014-4351, CVE-2014-4364, CVE-2014-4371, CVE-2014-4373, CVE-2014-4375, CVE-2014-4380, CVE-2014-4388, CVE-2014-4391, CVE-2014-4404, CVE-2014-4405, CVE-2014-4407, CVE-2014-4408, CVE-2014-4417, CVE-2014-4418, CVE-2014-4419, CVE-2014-4420, CVE-2014-4421, CVE-2014-4422, CVE-2014-4425, CVE-2014-4426, CVE-2014-4427, CVE-2014-4428, CVE-2014-4430, CVE-2014-4431, CVE-2014-4432, CVE-2014-4433, CVE-2014-4434, CVE-2014-4435, CVE-2014-4436, CVE-2014-4437, CVE-2014-4438, CVE-2014-4439, CVE-2014-4440, CVE-2014-4441, CVE-2014-4442, CVE-2014-4443, CVE-2014-4444, CVE-2014-6271, CVE-2014-7169

BID: 62531, 62573, 66303, 68788, 69911, 69912, 69913, 69919, 69924, 69927, 69928, 69934, 69938, 69939, 69942, 69944, 69946, 69947, 69948, 70103, 70137, 70574, 70616, 70618, 70619, 70620, 70622, 70623, 70624, 70625, 70627, 70628, 70629, 70630, 70631, 70632, 70633, 70635, 70636, 70637, 70638, 70640, 70643, 70894

APPLE-SA: APPLE-SA-2014-10-16-1

IAVA: 2014-A-0142

CERT: 252743, 577193

EDB-ID: 35153, 34765, 34766, 34777