Mac OS X 10.5 < 10.5.7 Multiple Vulnerabilities

Critical Nessus Network Monitor Plugin ID 5023

Synopsis

The remote host is vulnerable to multiple attack vectors

Description

The remote host is running a version of Mac OS X 10.5 that is older than version 10.5.7. Mac OS X 10.5.7 contains security fixes for the following products :

- Apache
- ATS
- BIND
- CFNetwork
- CoreGraphics
-Cscope
- CUPS
- Disk Images
- enscript
- Flash player
- Help Viewer
- iChat
- Internation Components for Unicode
- IPSec
- Kerberos
- Kernel
- Launch Services
- libxml
- Net-SNMP
- Network Time
- Networking
- OpenSSL
- PHP
- QuickDraw Manager
- ruby
- Safari
- Spotlight
- system_cmds
- telnet
- WebKit
- X11
- Terminal

Solution

Upgrade to Mac OS X 10.5.7 or later.

See Also

http://support.apple.com/kb/HT3549

http://lists.apple.com/archives/security-announce/2009/may/msg00002.html

Plugin Details

Severity: Critical

ID: 5023

File Name: 5023.prm

Family: Generic

Published: 2004/08/18

Modified: 2017/02/02

Dependencies: 1735, 8314

Nessus ID: 38744

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Reference Information

CVE: CVE-2004-1184, CVE-2004-1185, CVE-2004-1186, CVE-2008-0456, CVE-2008-1382, CVE-2008-1517, CVE-2008-2371, CVE-2008-2383, CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-2939, CVE-2008-3443, CVE-2008-3529, CVE-2008-3530, CVE-2008-3651, CVE-2008-3652, CVE-2008-3655, CVE-2008-3656, CVE-2008-3657, CVE-2008-3658, CVE-2008-3659, CVE-2008-3660, CVE-2008-3790, CVE-2008-3863, CVE-2008-4309, CVE-2008-5077, CVE-2008-5557, CVE-2009-0010, CVE-2009-0021, CVE-2009-0025, CVE-2009-0040, CVE-2009-0114, CVE-2009-0144, CVE-2009-0145, CVE-2009-0146, CVE-2009-0147, CVE-2009-0148, CVE-2009-0149, CVE-2009-0150, CVE-2009-0152, CVE-2009-0153, CVE-2009-0154, CVE-2009-0155, CVE-2009-0156, CVE-2009-0157, CVE-2009-0158, CVE-2009-0159, CVE-2009-0160, CVE-2009-0161, CVE-2009-0162, CVE-2009-0164, CVE-2009-0165, CVE-2009-0519, CVE-2009-0520, CVE-2009-0844, CVE-2009-0845, CVE-2009-0846, CVE-2009-0847, CVE-2009-0942, CVE-2009-0943, CVE-2009-0944, CVE-2009-0945, CVE-2009-0946, CVE-2009-1717

BID: 34550, 34926, 34952, 34951, 34950, 34948, 34947, 34937, 34938, 34939, 34941, 34942, 34932, 34958, 34959, 34962, 34965, 34972, 34973, 34974, 35182

OSVDB: 13154, 13155, 13156, 26032, 36509, 41018, 44364, 46584, 46638, 46639, 46641, 46690, 47374, 47460, 47470, 47471, 47472, 47474, 47753, 47796, 47797, 47798, 47800, 47919, 48158, 49224, 49524, 51142, 51164, 51368, 51477, 52493, 52747, 52748, 52749, 52963, 53315, 53316, 53317, 53383, 53384, 53385, 53593, 54068, 54069, 54070, 54437, 54438, 54439, 54440, 54441, 54442, 54443, 54444, 54445, 54446, 54447, 54448, 54449, 54450, 54451, 54452, 54453, 54454, 54455, 54461, 54495, 54496, 54497, 54920, 56273, 56274, 56505

IAVA: 2015-A-0113, 2015-A-0149