Mac OS X < 10.4.11 Multiple Vulnerabilities (Security Update 2007-008)

Critical Nessus Network Monitor Plugin ID 4284

Synopsis

The remote host is missing a Mac OS X update that fixes a security issue.

Description

The remote host is running a version of Mac OS X 10.4 that is older than version 10.4.11 or a version of Mac OS X 10.3 that does not have Security Update 2007-008 applied. This update contains several security fixes for the following programs :


- Flash Player Plugin
- AppleRAID
- BIND
- bzip2
- CFFTP
- CFNetwork
- CoreFoundation
- CoreText
- Kerberos
- Kernel
- remote_cmds
- Networking
- NFS
- NSURL
- Safari
- SecurityAgent
- WebCore
- WebKit

Solution

Upgrade to version 10.4.11 or higher.

See Also

http://docs.info.apple.com/article.html?artnum=307041

http://www.apple.com/support/downloads/macosx10411updateppc.html

Plugin Details

Severity: Critical

ID: 4284

Published: 2007/11/15

Updated: 2019/03/06

Dependencies: 1735, 8314

Nessus ID: 28212

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSS v3.0

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Reference Information

CVE: CVE-2007-3456, CVE-2007-4678, CVE-2007-2926, CVE-2005-0953, CVE-2005-1260, CVE-2007-4679, CVE-2007-4680, CVE-2007-0464, CVE-2007-4681, CVE-2007-4682, CVE-2007-3999, CVE-2007-4743, CVE-2007-3749, CVE-2007-4683, CVE-2007-4684, CVE-2007-4685, CVE-2006-6127, CVE-2007-4686, CVE-2007-4687, CVE-2007-4688, CVE-2007-4269, CVE-2007-4689, CVE-2007-4267, CVE-2007-4268, CVE-2007-4690, CVE-2007-4691, CVE-2007-0646, CVE-2007-4692, CVE-2007-4693, CVE-2007-4694, CVE-2007-4695, CVE-2007-4696, CVE-2007-4697, CVE-2007-4698, CVE-2007-3758, CVE-2007-3760, CVE-2007-4671, CVE-2007-3756, CVE-2007-4699, CVE-2007-4700, CVE-2007-4701

BID: 26444