http://support.apple.com/kb/HT3216
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
Severity: Critical
ID: 34374
File Name: macosx_SecUpd2008-007.nasl
Version: 1.32
Type: local
Agent: macosx
Family: MacOS X Local Security Checks
Published: 10/10/2008
Updated: 5/28/2024
Supported Sensors: Nessus Agent, Nessus
Risk Factor: High
Score: 7.4
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.3
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE: cpe:/o:apple:mac_os_x:10.5, cpe:/o:apple:mac_os_x:10.4
Required KB Items: Host/MacOSX/packages, Host/uname
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 10/9/2008
Vulnerability Publication Date: 10/15/2007
CANVAS (D2ExploitPack)
Core Impact
Metasploit (MySQL yaSSL SSL Hello Message Buffer Overflow)
Elliot (Apache Tomcat File Disclosure)
CVE: CVE-2007-2691, CVE-2007-4850, CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-5969, CVE-2007-6286, CVE-2007-6420, CVE-2008-0002, CVE-2008-0226, CVE-2008-0227, CVE-2008-0674, CVE-2008-1232, CVE-2008-1389, CVE-2008-1678, CVE-2008-1767, CVE-2008-1947, CVE-2008-2079, CVE-2008-2364, CVE-2008-2370, CVE-2008-2371, CVE-2008-2712, CVE-2008-2938, CVE-2008-3294, CVE-2008-3432, CVE-2008-3641, CVE-2008-3642, CVE-2008-3643, CVE-2008-3645, CVE-2008-3646, CVE-2008-3647, CVE-2008-3912, CVE-2008-3913, CVE-2008-3914, CVE-2008-4101, CVE-2008-4211, CVE-2008-4212, CVE-2008-4214, CVE-2008-4215
BID: 30279, 30494, 30496, 30633, 30795, 30994, 31051, 31681, 31692, 31707, 31708, 31711, 31715, 31716, 31718, 31719, 31720, 31721, 31722, 24016, 26070, 26765, 27006, 27140, 27236, 27413, 27703, 27706, 27786, 29106, 29312, 29502, 29653, 29715, 30087