Mac OS X Multiple Vulnerabilities (Security Update 2007-004)

critical Nessus Plugin ID 25081

Synopsis

The remote host is missing a Mac OS X update that fixes a security issue.

Description

The remote host is running a version of Mac OS X 10.4 that does not have Security Update 2007-004 applied.

This update fixes security flaws in the following applications :

AFP Client AirPort CarbonCore diskdev_cmds fetchmail ftpd gnutar Help Viewer HID Family Installer Kerberos Libinfo Login Window network_cmds SMB System Configuration URLMount Video Conference WebDAV

Solution

Install Security Update 2007-004 :

# http://web.archive.org/web/20070423190224/http://www.apple.com/support/downloads/securityupdate2007004universal.html http://www.nessus.org/u?f44d0fd9

See Also

http://www.nessus.org/u?cf3b0926

Plugin Details

Severity: Critical

ID: 25081

File Name: macosx_SecUpd2007-004.nasl

Version: 1.23

Type: local

Agent: macosx

Published: 4/21/2007

Updated: 5/28/2024

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:apple:mac_os_x:10.4

Required KB Items: Host/MacOSX/packages

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/19/2007

Vulnerability Publication Date: 4/9/2007

Reference Information

CVE: CVE-2006-0300, CVE-2006-5867, CVE-2006-6143, CVE-2006-6652, CVE-2007-0022, CVE-2007-0465, CVE-2007-0646, CVE-2007-0724, CVE-2007-0725, CVE-2007-0729, CVE-2007-0732, CVE-2007-0734, CVE-2007-0735, CVE-2007-0736, CVE-2007-0737, CVE-2007-0738, CVE-2007-0739, CVE-2007-0741, CVE-2007-0742, CVE-2007-0743, CVE-2007-0744, CVE-2007-0746, CVE-2007-0747, CVE-2007-0957, CVE-2007-1216

BID: 23569

CWE: 119, 134, 264