Mac OS X Multiple Vulnerabilities (Security Update 2004-01-26)

critical Nessus Plugin ID 12517

Synopsis

The remote host is missing a Mac OS X security update.

Description

The remote host is missing Security Update 2004-01-26.

This security update includes the following components :

- Apache 1.3
- Classic
- Mail
- Safari
- Windows File Sharing

For MacOS 10.1.5, it only includes the following :

- Mail

This update contains various fixes which may allow an attacker to execute arbitrary code on the remote host.

Solution

Install security update 2004-01-26. See http://support.apple.com/kb/HT1646 for more details.

See Also

http://www.nessus.org/u?f54f1ccf

http://www.nessus.org/u?1a627a5f

Plugin Details

Severity: Critical

ID: 12517

File Name: macosx_SecUpd20040126.nasl

Version: 1.17

Type: local

Agent: macosx

Published: 7/6/2004

Updated: 5/28/2024

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x:10.1, cpe:/o:apple:mac_os_x:10.2, cpe:/o:apple:mac_os_x:10.3

Required KB Items: Host/MacOSX/packages

Exploit Ease: No known exploits are available

Patch Publication Date: 1/26/2004

Vulnerability Publication Date: 10/29/2003

Reference Information

CVE: CVE-2003-0542, CVE-2003-0789, CVE-2004-0085, CVE-2004-0086, CVE-2004-0087, CVE-2004-0088, CVE-2004-0089, CVE-2004-0092

BID: 9069

CWE: 119