Synopsis
The remote host is missing a macOS update that fixes multiple security vulnerabilities.
Description
The remote host is running a version of macOS that is prior to 10.13. It is, therefore, affected by multiple vulnerabilities in the following components :
- Apache
- AppSandbox
- AppleScript
- Application Firewall
- ATS
- Audio
- CFNetwork
- CFNetwork Proxies
- CFString
- Captive Network Assistant
- CoreAudio
- CoreText
- DesktopServices
- Directory Utility
- file
- Fonts
- fsck_msdos
- HFS
- Heimdal
- HelpViewer
- IOFireWireFamily
- ImageIO
- Installer
- Kernel
- kext tools
- libarchive
- libc
- libexpat
- Mail
- Mail Drafts
- ntp
- Open Scripting Architecture
- PCRE
- Postfix
- Quick Look
- QuickTime
- Remote Management
- SQLite
- Sandbox
- Screen Lock
- Security
- Spotlight
- WebKit
- zlib
Note that successful exploitation of the most serious issues can result in arbitrary code execution.
Solution
Upgrade to macOS version 10.13 or later.