macOS < 10.12 Multiple Vulnerabilities
Critical Nessus Plugin ID 93685
Synopsis
The remote host is missing a macOS update that fixes multiple security vulnerabilities.
Description
The remote host is running a version of Mac OS X that is prior to 10.10.5, 10.11.x prior to 10.11.6, or is not macOS 10.12. It is, therefore, affected by multiple vulnerabilities in the following components :
- apache
- apache_mod_php
- Apple HSSPI Support
- AppleEFIRuntime
- AppleMobileFileIntegrity
- AppleUCC
- Application Firewall
- ATS
- Audio
- Bluetooth
- cd9660
- CFNetwork
- CommonCrypto
- CoreCrypto
- CoreDisplay
- curl
- Date & Time Pref Pane
- DiskArbitration
- File Bookmark
- FontParser
- IDS - Connectivity
- ImageIO
- Intel Graphics Driver
- IOAcceleratorFamily
- IOThunderboltFamily
- Kerberos v5 PAM module
- Kernel
- libarchive
- libxml2
- libxpc
- libxslt
- mDNSResponder
- NSSecureTextField
- Perl
- S2 Camera
- Security
- Terminal
- WindowServer
Note that successful exploitation of the most serious issues can result in arbitrary code execution.
Solution
Upgrade to macOS version 10.12 or later.