Mac OS X 10.7 / 10.8 Unauthorized File Access (remote check)

medium Nessus Plugin ID 66836

Synopsis

The remote Mac OS X host is affected by an unauthorized file access vulnerability.

Description

The remote Mac OS X host is affected by an unauthorized file access vulnerability. If SMB file sharing is enabled, an authenticated user may be able to write files outside the shared directory.

Solution

Install Security Update 2013-002 or later.

See Also

http://support.apple.com/kb/HT5784

http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html

http://www.securityfocus.com/archive/1/526808/30/0/threaded

Plugin Details

Severity: Medium

ID: 66836

File Name: macosx_cve-2013-0990.nasl

Version: 2.2

Type: remote

Family: Misc.

Published: 6/6/2013

Updated: 7/14/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4.9

Temporal Score: 3.6

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:P

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x

Required KB Items: SMB/NativeLanManager

Exploit Ease: No known exploits are available

Patch Publication Date: 6/4/2013

Vulnerability Publication Date: 6/4/2013

Reference Information

CVE: CVE-2013-0990

BID: 60239