Mac OS X 10.6 < 10.6.5 Multiple Vulnerabilities

critical Nessus Network Monitor Plugin ID 5705

Synopsis

The remote host is missing a Mac OS X update that fixes various security issues.

Description

Versions of Mac OS X 10.6 earlier than 10.6.5 are potentially affected by multiple vulnerabilities. Mac OS X 10.6.5 contains security fixes for the following products :

 - AFP Server

 - Apache mod_perl

 - Apache

 - AppKit

 - ATS

 - CFNetwork

 - CoreGraphics

 - CoreText

 - CUPS

 - Directory Services

 - diskdev_cmds

Disk Images

 - Flash Player plug-in

 - gzip

 - Image Capture

 - ImageIO

 - Image RAW

 - Kernel

 - MySQL

 - neon

 - Networking

 - OpenLDAP

 - OpenSSL

 - Password Server

 - PHP

 - Printing

 - python

 - QuickLook

 - QuickTime

 - Safari RSS

 - Time Machine

 - Wiki Server

 - X11

 - xar

Solution

Upgrade to Mac OS X 10.6.5 or later.

See Also

http://support.apple.com/kb/HT4435

http://lists.apple.com/archives/security-announce/2010/nov/msg00000.html

Plugin Details

Severity: Critical

ID: 5705

Family: Generic

Published: 11/11/2010

Updated: 3/6/2019

Nessus ID: 50548, 50549

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Patch Publication Date: 11/10/2010

Vulnerability Publication Date: 11/10/2010

Exploitable With

CANVAS (CANVAS)

Core Impact

Metasploit (Adobe Flash Player "Button" Remote Code Execution)

Reference Information

CVE: CVE-2010-1850, CVE-2010-1297, CVE-2010-2884, CVE-2010-3654, CVE-2010-0425, CVE-2010-3785, CVE-2010-3786, CVE-2010-2498, CVE-2010-2499, CVE-2010-2500, CVE-2010-2519, CVE-2010-0209, CVE-2010-2213, CVE-2010-2214, CVE-2010-2215, CVE-2010-2216, CVE-2010-2941, CVE-2010-1848, CVE-2010-0205, CVE-2010-1205, CVE-2010-2249, CVE-2010-0211, CVE-2010-0408, CVE-2010-0434, CVE-2010-2806, CVE-2010-2808, CVE-2010-3054, CVE-2010-2805, CVE-2010-0001, CVE-2009-4134, CVE-2010-1449, CVE-2010-1450, CVE-2008-4546, CVE-2009-3793, CVE-2010-2160, CVE-2010-2161, CVE-2010-2162, CVE-2010-2163, CVE-2010-2164, CVE-2010-2165, CVE-2010-2166, CVE-2010-2167, CVE-2010-2169, CVE-2010-2170, CVE-2010-2171, CVE-2010-2173, CVE-2010-2174, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2179, CVE-2010-2180, CVE-2010-2181, CVE-2010-2182, CVE-2010-2183, CVE-2010-2184, CVE-2010-2185, CVE-2010-2186, CVE-2010-2187, CVE-2010-2188, CVE-2010-0212, CVE-2010-3636, CVE-2010-3639, CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, CVE-2010-3652, CVE-2010-0397, CVE-2010-2531, CVE-2010-1849, CVE-2010-3638, CVE-2009-0946, CVE-2009-2473, CVE-2009-2474, CVE-2010-2807, CVE-2010-2497, CVE-2010-2520, CVE-2010-3053, CVE-2009-2624, CVE-2009-0796, CVE-2010-0105, CVE-2010-1830, CVE-2010-1811, CVE-2010-3976, CVE-2010-1752, CVE-2010-1378, CVE-2010-1834, CVE-2010-3797, CVE-2010-3783, CVE-2010-3798, CVE-2010-3790, CVE-2010-2172, CVE-2010-3788, CVE-2010-1836, CVE-2010-1837, CVE-2010-1847, CVE-2010-1844, CVE-2010-1843, CVE-2010-1831, CVE-2010-1828, CVE-2010-1846, CVE-2010-1833, CVE-2010-1841, CVE-2010-3793, CVE-2010-3792, CVE-2010-2189, CVE-2010-1840, CVE-2010-1845, CVE-2010-1842, CVE-2010-1803, CVE-2010-3795, CVE-2010-3789, CVE-2010-3787, CVE-2010-3791, CVE-2010-3794, CVE-2010-1829, CVE-2010-1832, CVE-2010-1838, CVE-2010-3784, CVE-2010-3796

BID: 38494, 44799, 44812, 38478, 41174, 41770, 38491, 42285, 40361, 40363, 40365, 31537, 40586, 40779, 40780, 40781, 40782, 40783, 40784, 40785, 40786, 40787, 40788, 40789, 40790, 40791, 40792, 40793, 40794, 40796, 40797, 40798, 40800, 40801, 40802, 40803, 40805, 40806, 40807, 40808, 40809, 44504, 38708, 34550, 36079, 42621, 44530, 44671, 44794, 34383, 39658, 40795, 40799, 44784, 44785, 44789, 44790, 44792, 44795, 44796, 44800, 44802, 44803, 44804, 44805, 44806, 44807, 44808, 44811, 44813, 44814, 44815, 44816, 44817, 44819, 44822, 44828, 44831, 44832, 44833, 44834, 44835, 44840