Mac OS X < 10.11 Multiple Vulnerabilities (GHOST)

critical Nessus Plugin ID 86270

Language:

New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote host is missing a Mac OS X update that fixes multiple security vulnerabilities.

Description

The remote host is running a version of Mac OS X that is 10.6.8 or later but prior to 10.11. It is, therefore, affected by multiple vulnerabilities in the following components :

 - Address Book
 - AirScan
 - apache_mod_php
 - Apple Online Store Kit
 - AppleEvents
 - Audio
 - bash
 - Certificate Trust Policy
 - CFNetwork Cookies
 - CFNetwork FTPProtocol
 - CFNetwork HTTPProtocol
 - CFNetwork Proxies
 - CFNetwork SSL
 - CoreCrypto
 - CoreText
 - Dev Tools
 - Disk Images
 - dyld
 - EFI
 - Finder
 - Game Center
 - Heimdal
 - ICU
 - Install Framework Legacy
 - Intel Graphics Driver
 - IOAudioFamily
 - IOGraphics
 - IOHIDFamily
 - IOStorageFamily
 - Kernel
 - libc
 - libpthread
 - libxpc
 - Login Window
 - lukemftpd
 - Mail
 - Multipeer Connectivity
 - NetworkExtension
 - Notes
 - OpenSSH
 - OpenSSL
 - procmail
 - remote_cmds
 - removefile
 - Ruby
 - Safari
 - Safari Downloads
 - Safari Extensions
 - Safari Safe Browsing
 - Security
 - SMB
 - SQLite
 - Telephony
 - Terminal
 - tidy
 - Time Machine
 - WebKit
 - WebKit CSS
 - WebKit JavaScript Bindings
 - WebKit Page Loading
 - WebKit Plug-ins

Note that successful exploitation of the most serious issues can result in arbitrary code execution.

Solution

Upgrade to Mac OS X 10.11 or later.

See Also

https://support.apple.com/en-us/HT205267

http://www.nessus.org/u?76b3b492

http://www.nessus.org/u?c7a6ddbd

Plugin Details

Severity: Critical

ID: 86270

File Name: macosx_10_11.nasl

Version: 1.15

Type: combined

Agent: macosx

Published: 10/5/2015

Updated: 6/20/2019

Dependencies: ssh_get_info.nasl, os_fingerprint.nasl

Risk Information

CVSS Score Source: CVE-2014-6277

VPR

Risk Factor: Critical

Score: 9.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:H/RL:OF/RC:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: E:H/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/30/2015

Vulnerability Publication Date: 4/26/2013

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation)

Reference Information

CVE: CVE-2013-3951, CVE-2014-2532, CVE-2014-3618, CVE-2014-6277, CVE-2014-7186, CVE-2014-7187, CVE-2014-8080, CVE-2014-8090, CVE-2014-8146, CVE-2014-8147, CVE-2014-8611, CVE-2014-9425, CVE-2014-9427, CVE-2014-9652, CVE-2014-9705, CVE-2014-9709, CVE-2015-0231, CVE-2015-0232, CVE-2015-0235, CVE-2015-0273, CVE-2015-0286, CVE-2015-0287, CVE-2015-1351, CVE-2015-1352, CVE-2015-1855, CVE-2015-2301, CVE-2015-2305, CVE-2015-2331, CVE-2015-2348, CVE-2015-2783, CVE-2015-2787, CVE-2015-3329, CVE-2015-3330, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3785, CVE-2015-3801, CVE-2015-5522, CVE-2015-5523, CVE-2015-5764, CVE-2015-5765, CVE-2015-5767, CVE-2015-5780, CVE-2015-5788, CVE-2015-5789, CVE-2015-5790, CVE-2015-5791, CVE-2015-5792, CVE-2015-5793, CVE-2015-5794, CVE-2015-5795, CVE-2015-5796, CVE-2015-5797, CVE-2015-5798, CVE-2015-5799, CVE-2015-5800, CVE-2015-5801, CVE-2015-5802, CVE-2015-5803, CVE-2015-5804, CVE-2015-5805, CVE-2015-5806, CVE-2015-5807, CVE-2015-5808, CVE-2015-5809, CVE-2015-5810, CVE-2015-5811, CVE-2015-5812, CVE-2015-5813, CVE-2015-5814, CVE-2015-5815, CVE-2015-5816, CVE-2015-5817, CVE-2015-5818, CVE-2015-5819, CVE-2015-5820, CVE-2015-5821, CVE-2015-5822, CVE-2015-5823, CVE-2015-5824, CVE-2015-5825, CVE-2015-5826, CVE-2015-5827, CVE-2015-5828, CVE-2015-5830, CVE-2015-5831, CVE-2015-5833, CVE-2015-5836, CVE-2015-5839, CVE-2015-5840, CVE-2015-5841, CVE-2015-5842, CVE-2015-5847, CVE-2015-5849, CVE-2015-5851, CVE-2015-5853, CVE-2015-5854, CVE-2015-5855, CVE-2015-5858, CVE-2015-5860, CVE-2015-5862, CVE-2015-5863, CVE-2015-5864, CVE-2015-5865, CVE-2015-5866, CVE-2015-5867, CVE-2015-5868, CVE-2015-5869, CVE-2015-5870, CVE-2015-5871, CVE-2015-5872, CVE-2015-5873, CVE-2015-5874, CVE-2015-5875, CVE-2015-5876, CVE-2015-5877, CVE-2015-5878, CVE-2015-5879, CVE-2015-5881, CVE-2015-5882, CVE-2015-5883, CVE-2015-5884, CVE-2015-5885, CVE-2015-5887, CVE-2015-5888, CVE-2015-5889, CVE-2015-5890, CVE-2015-5891, CVE-2015-5893, CVE-2015-5894, CVE-2015-5896, CVE-2015-5897, CVE-2015-5899, CVE-2015-5900, CVE-2015-5901, CVE-2015-5902, CVE-2015-5903, CVE-2015-5912, CVE-2015-5913, CVE-2015-5914, CVE-2015-5915, CVE-2015-5917, CVE-2015-5922, CVE-2015-7760, CVE-2015-7761

BID: 60440, 66355, 69573, 70152, 70154, 70165, 70935, 71230, 71621, 71800, 71833, 71929, 71932, 72325, 72505, 72539, 72541, 72611, 72701, 73031, 73037, 73225, 73227, 73306, 73431, 73434, 74204, 74228, 74239, 74240, 74446, 74457, 75037, 76763, 76764, 76765, 76766, 76908, 76909, 76910, 76911, 79707

CERT: 967332

IAVA: 2014-A-0142

APPLE-SA: APPLE-SA-2015-09-30-3