Mac OS X 10.5 < 10.5.7 Multiple Vulnerabilities

critical Nessus Network Monitor Plugin ID 5023

Synopsis

The remote host is vulnerable to multiple attack vectors

Description

The remote host is running a version of Mac OS X 10.5 that is older than version 10.5.7. Mac OS X 10.5.7 contains security fixes for the following products :

- Apache
- ATS
- BIND
- CFNetwork
- CoreGraphics
-Cscope
- CUPS
- Disk Images
- enscript
- Flash player
- Help Viewer
- iChat
- Internation Components for Unicode
- IPSec
- Kerberos
- Kernel
- Launch Services
- libxml
- Net-SNMP
- Network Time
- Networking
- OpenSSL
- PHP
- QuickDraw Manager
- ruby
- Safari
- Spotlight
- system_cmds
- telnet
- WebKit
- X11
- Terminal

Solution

Upgrade to Mac OS X 10.5.7 or later.

See Also

http://support.apple.com/kb/HT3549

http://lists.apple.com/archives/security-announce/2009/may/msg00002.html

Plugin Details

Severity: Critical

ID: 5023

Family: Generic

Published: 8/18/2004

Updated: 3/6/2019

Nessus ID: 38744

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Reference Information

CVE: CVE-2009-0945, CVE-2009-0164, CVE-2009-0146, CVE-2009-0147, CVE-2009-0025, CVE-2008-5557, CVE-2004-1184, CVE-2004-1185, CVE-2004-1186, CVE-2008-3651, CVE-2008-3652, CVE-2008-3529, CVE-2008-3443, CVE-2008-3655, CVE-2008-3656, CVE-2008-3657, CVE-2008-3790, CVE-2008-4309, CVE-2008-2939, CVE-2008-3863, CVE-2008-2383, CVE-2008-5077, CVE-2009-0021, CVE-2009-0040, CVE-2008-1382, CVE-2008-3658, CVE-2008-3660, CVE-2009-0844, CVE-2009-0845, CVE-2009-0846, CVE-2009-0847, CVE-2009-0159, CVE-2009-0946, CVE-2009-0148, CVE-2009-0153, CVE-2009-0519, CVE-2009-0520, CVE-2009-0165, CVE-2008-0456, CVE-2008-2665, CVE-2008-2829, CVE-2009-0150, CVE-2009-0145, CVE-2009-0155, CVE-2009-0161, CVE-2008-2371, CVE-2008-3659, CVE-2008-2666, CVE-2009-0010, CVE-2009-0942, CVE-2009-0158, CVE-2009-0149, CVE-2009-0160, CVE-2009-0157, CVE-2009-0144, CVE-2008-1517, CVE-2009-0154, CVE-2009-0114, CVE-2009-0943, CVE-2009-0162, CVE-2008-3530, CVE-2009-1717, CVE-2009-0944, CVE-2009-0156, CVE-2009-0152

BID: 34550, 34938, 34926, 34974, 34952, 34951, 34950, 34948, 34947, 34937, 34939, 34941, 34942, 34932, 34958, 34959, 34962, 34965, 34972, 34973, 35182

IAVA: 2015-A-0149, 2015-A-0113