Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.807000
Kategorie:Mac OS X Local Security Checks
Titel:Apple Mac OS X Multiple Vulnerabilities-01 December-15
Zusammenfassung:This host is running Apple Mac OS X and; is prone to multiple vulnerabilities.
Beschreibung:Summary:
This host is running Apple Mac OS X and
is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exists due to

- An error in Bluetooth HCI interface.

- An error in IOAcceleratorFamily.

- An error in Disk Images component.

- The System Integrity Protection feature mishandles union mounts.

- The Keychain Access improperly interacts with Keychain Agent.

- The Kext tools mishandles kernel-extension loading.

- Error in in ASN.1 decode, kernel loader in EF, IOThunderboltFamily, in File
Bookmark component.

- The Multiple errors in Intel Graphics Driver component.

- The Use-after-free error in Hypervisor.

- A privilege issue existed in handling union mounts.

- Multiple vulnerabilities existed in LibreSSL.

- An input validation issue existed in OpenLDAP.

- An issue existed in how Keychain Access interacted with Keychain Agent.

For more details refer reference section.

Vulnerability Impact:
Successful exploitation will allow attacker
to obtain sensitive information, execute arbitrary code, gain privileges,
cause a denial of service, to spoof, to bypass protection mechanism.

Affected Software/OS:
Apple Mac OS X versions 10.11 to 10.11.1,
10.9.x through 10.9.5 and 10.10.x through 10.10.5.

Solution:
Upgrade to Apple Mac OS X version
10.11.2 or later or apply security update 2015-005 for 10.10.x and security
update 2015-008 for 10.9.x. Please see the references for more information.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: BugTraq ID: 78735
BugTraq ID: 78721
BugTraq ID: 78733
Common Vulnerability Exposure (CVE) ID: CVE-2015-7044
http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html
http://www.securitytracker.com/id/1034344
Common Vulnerability Exposure (CVE) ID: CVE-2015-7045
http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-7052
Common Vulnerability Exposure (CVE) ID: CVE-2015-7059
http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-7060
Common Vulnerability Exposure (CVE) ID: CVE-2015-7061
Common Vulnerability Exposure (CVE) ID: CVE-2015-7062
Common Vulnerability Exposure (CVE) ID: CVE-2015-7063
Common Vulnerability Exposure (CVE) ID: CVE-2015-7067
Common Vulnerability Exposure (CVE) ID: CVE-2015-7071
Common Vulnerability Exposure (CVE) ID: CVE-2015-7076
Common Vulnerability Exposure (CVE) ID: CVE-2015-7077
https://www.exploit-db.com/exploits/39368/
Common Vulnerability Exposure (CVE) ID: CVE-2015-7078
https://www.exploit-db.com/exploits/39370/
Common Vulnerability Exposure (CVE) ID: CVE-2015-7106
https://www.exploit-db.com/exploits/39369/
Common Vulnerability Exposure (CVE) ID: CVE-2015-7108
https://www.exploit-db.com/exploits/39372/
Common Vulnerability Exposure (CVE) ID: CVE-2015-7109
Common Vulnerability Exposure (CVE) ID: CVE-2015-7110
https://www.exploit-db.com/exploits/39365/
Common Vulnerability Exposure (CVE) ID: CVE-2015-7105
http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html
BugTraq ID: 78719
http://www.securityfocus.com/bid/78719
Common Vulnerability Exposure (CVE) ID: CVE-2015-7074
Common Vulnerability Exposure (CVE) ID: CVE-2015-7075
Common Vulnerability Exposure (CVE) ID: CVE-2015-7053
Common Vulnerability Exposure (CVE) ID: CVE-2011-2895
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
BugTraq ID: 49124
http://www.securityfocus.com/bid/49124
Debian Security Information: DSA-2293 (Google Search)
http://www.debian.org/security/2011/dsa-2293
http://www.mandriva.com/security/advisories?name=MDVSA-2011:153
http://www.openwall.com/lists/oss-security/2011/08/10/10
http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html
http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html
NETBSD Security Advisory: NetBSD-SA2011-007
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc
http://www.redhat.com/support/errata/RHSA-2011-1154.html
http://www.redhat.com/support/errata/RHSA-2011-1155.html
http://www.redhat.com/support/errata/RHSA-2011-1161.html
http://www.redhat.com/support/errata/RHSA-2011-1834.html
http://securitytracker.com/id?1025920
http://secunia.com/advisories/45544
http://secunia.com/advisories/45568
http://secunia.com/advisories/45599
http://secunia.com/advisories/45986
http://secunia.com/advisories/46127
http://secunia.com/advisories/48951
SuSE Security Announcement: SUSE-SU-2011:1035 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html
SuSE Security Announcement: openSUSE-SU-2011:1299 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html
http://www.ubuntu.com/usn/USN-1191-1
XForce ISS Database: xorg-lzw-bo(69141)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69141
Common Vulnerability Exposure (CVE) ID: CVE-2015-7115
Common Vulnerability Exposure (CVE) ID: CVE-2015-7116
Common Vulnerability Exposure (CVE) ID: CVE-2015-7064
Common Vulnerability Exposure (CVE) ID: CVE-2015-7065
Common Vulnerability Exposure (CVE) ID: CVE-2015-7066
Common Vulnerability Exposure (CVE) ID: CVE-2015-7107
Common Vulnerability Exposure (CVE) ID: CVE-2015-7058
Common Vulnerability Exposure (CVE) ID: CVE-2015-7803
BugTraq ID: 76959
http://www.securityfocus.com/bid/76959
Debian Security Information: DSA-3380 (Google Search)
http://www.debian.org/security/2015/dsa-3380
https://security.gentoo.org/glsa/201606-10
http://www.openwall.com/lists/oss-security/2015/10/05/8
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.461720
SuSE Security Announcement: SUSE-SU-2016:1145 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html
SuSE Security Announcement: openSUSE-SU-2016:0251 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-01/msg00099.html
SuSE Security Announcement: openSUSE-SU-2016:0366 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00037.html
http://www.ubuntu.com/usn/USN-2786-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-7804
Common Vulnerability Exposure (CVE) ID: CVE-2015-7001
Common Vulnerability Exposure (CVE) ID: CVE-2015-7094
Common Vulnerability Exposure (CVE) ID: CVE-2015-7054
Common Vulnerability Exposure (CVE) ID: CVE-2015-7081
Common Vulnerability Exposure (CVE) ID: CVE-2015-7111
Common Vulnerability Exposure (CVE) ID: CVE-2015-7112
Common Vulnerability Exposure (CVE) ID: CVE-2015-7068
Common Vulnerability Exposure (CVE) ID: CVE-2015-7040
Common Vulnerability Exposure (CVE) ID: CVE-2015-7041
Common Vulnerability Exposure (CVE) ID: CVE-2015-7042
Common Vulnerability Exposure (CVE) ID: CVE-2015-7043
Common Vulnerability Exposure (CVE) ID: CVE-2015-7083
Common Vulnerability Exposure (CVE) ID: CVE-2015-7084
https://www.exploit-db.com/exploits/39357/
https://www.exploit-db.com/exploits/39366/
Common Vulnerability Exposure (CVE) ID: CVE-2015-7047
https://www.exploit-db.com/exploits/39371/
https://www.exploit-db.com/exploits/39373/
https://www.exploit-db.com/exploits/39374/
https://www.exploit-db.com/exploits/39375/
Common Vulnerability Exposure (CVE) ID: CVE-2015-7038
Common Vulnerability Exposure (CVE) ID: CVE-2015-7039
https://www.exploit-db.com/exploits/38917/
Common Vulnerability Exposure (CVE) ID: CVE-2012-0876
http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
BugTraq ID: 52379
http://www.securityfocus.com/bid/52379
Debian Security Information: DSA-2525 (Google Search)
http://www.debian.org/security/2012/dsa-2525
http://www.mandriva.com/security/advisories?name=MDVSA-2012:041
http://bugs.python.org/issue13703#msg151870
http://mail.libexpat.org/pipermail/expat-discuss/2012-March/002768.html
RedHat Security Advisories: RHSA-2012:0731
http://rhn.redhat.com/errata/RHSA-2012-0731.html
RedHat Security Advisories: RHSA-2016:0062
http://rhn.redhat.com/errata/RHSA-2016-0062.html
RedHat Security Advisories: RHSA-2016:2957
http://rhn.redhat.com/errata/RHSA-2016-2957.html
http://secunia.com/advisories/49504
http://secunia.com/advisories/51024
http://secunia.com/advisories/51040
http://www.ubuntu.com/usn/USN-1527-1
http://www.ubuntu.com/usn/USN-1613-1
http://www.ubuntu.com/usn/USN-1613-2
Common Vulnerability Exposure (CVE) ID: CVE-2012-1147
http://trac.wxwidgets.org/ticket/11194
http://trac.wxwidgets.org/ticket/11432
Common Vulnerability Exposure (CVE) ID: CVE-2012-1148
Common Vulnerability Exposure (CVE) ID: CVE-2015-6908
BugTraq ID: 76714
http://www.securityfocus.com/bid/76714
Debian Security Information: DSA-3356 (Google Search)
http://www.debian.org/security/2015/dsa-3356
RedHat Security Advisories: RHSA-2015:1840
http://rhn.redhat.com/errata/RHSA-2015-1840.html
http://www.securitytracker.com/id/1033534
SuSE Security Announcement: SUSE-SU-2016:0224 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html
SuSE Security Announcement: SUSE-SU-2016:0262 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html
SuSE Security Announcement: openSUSE-SU-2016:0226 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html
SuSE Security Announcement: openSUSE-SU-2016:0255 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html
SuSE Security Announcement: openSUSE-SU-2016:0261 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html
http://www.ubuntu.com/usn/USN-2742-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-5333
http://lists.opensuse.org/opensuse-updates/2015-10/msg00050.html
http://packetstormsecurity.com/files/133998/Qualys-Security-Advisory-LibreSSL-Leak-Overflow.html
http://www.securityfocus.com/archive/1/archive/1/536692/100/0/threaded
Common Vulnerability Exposure (CVE) ID: CVE-2015-5334
http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.3.1-relnotes.txt
http://seclists.org/fulldisclosure/2015/Oct/75
Common Vulnerability Exposure (CVE) ID: CVE-2015-7046
Common Vulnerability Exposure (CVE) ID: CVE-2015-7073
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.