Mac OS X 10.6 < 10.6.7 Multiple Vulnerabilities

Critical Nessus Network Monitor Plugin ID 5826

Synopsis

The remote host is missing a Mac OS X update that fixes a security issue.

Description

Versions of Mac OS X 10.6 earlier than 10.6.7 are potentially affected by a security issue. Mac OS X 10.6.7 contains a security fix for the following products :

 - Airport

 - Apache

 - AppleScript

 - ATS

 - bzip2

 - CarbonCore

 - ClamAV

 - CoreText

 - HFS

 - ImageIO

 - Image RAW

 - Installer

 - Kerberos

 - Kernel

 - Libinfo

 - libxml

 - Mailman

 - PHP

 - QuickLook

 - QuickTime

 - Ruby

 - Samba

 - Subversion

 - Terminal

 - X11

Solution

Upgrade to Mac OS X 10.6.7 or later.

See Also

http://support.apple.com/kb/HT4581

http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html

Plugin Details

Severity: Critical

ID: 5826

Family: Generic

Published: 2011/03/21

Modified: 2017/02/02

Dependencies: 1735, 8314

Nessus ID: 52754

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Patch Publication Date: 2011/03/21

Vulnerability Publication Date: 2011/03/21

Exploitable With

CANVAS (CANVAS)

Reference Information

CVE: CVE-2006-7243, CVE-2010-0405, CVE-2010-1323, CVE-2010-1324, CVE-2010-1452, CVE-2010-2068, CVE-2010-2950, CVE-2010-3069, CVE-2010-3089, CVE-2010-3315, CVE-2010-3434, CVE-2010-3436, CVE-2010-3709, CVE-2010-3710, CVE-2010-3801, CVE-2010-3802, CVE-2010-3814, CVE-2010-3855, CVE-2010-3870, CVE-2010-4008, CVE-2010-4009, CVE-2010-4020, CVE-2010-4021, CVE-2010-4150, CVE-2010-4260, CVE-2010-4261, CVE-2010-4409, CVE-2010-4479, CVE-2010-4494, CVE-2011-0170, CVE-2011-0172, CVE-2011-0173, CVE-2011-0174, CVE-2011-0175, CVE-2011-0176, CVE-2011-0177, CVE-2011-0178, CVE-2011-0179, CVE-2011-0180, CVE-2011-0181, CVE-2011-0182, CVE-2011-0183, CVE-2011-0184, CVE-2011-0186, CVE-2011-0187, CVE-2011-0188, CVE-2011-0189, CVE-2011-0190, CVE-2011-0191, CVE-2011-0192, CVE-2011-0193, CVE-2011-0194, CVE-2011-1417

BID: 40827, 41963, 43187, 43212, 43331, 43678, 43555, 43926, 44214, 44779, 44605, 44643, 44718, 44723, 44951, 44980, 45116, 45117, 45118, 45119, 45122, 45152, 45239, 45240, 45241, 45617, 46657, 46658, 46659, 46832, 46965, 46966, 46971, 46972, 46973, 46982, 46984, 46987, 46988, 46989, 46990, 46991, 46992, 46993, 46994, 46995, 46996, 46997, 47023

IAVA: 2011-A-0066, 2012-A-0073, 2011-A-0147, 2012-A-0153

IAVB: 2010-B-0083