
Test ID: 1.3.6.1.4.1.25623.1.0.810929
Category: Mac OS X Local Security Checks
Title: Apple Mac OS X Multiple Vulnerabilities-01 April-2017
Summary: This host is running Apple Mac OS X and is prone to multiple vulnerabilities.
Description:
Summary:
This host is running Apple Mac OS X and
is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- The Wiki Server does not specify an explicit character set when serving
HTML documents in response to user requests.

- Multiple errors in SquirrelMail.

- A configuration issue exists in Apple's distribution of Samba, the server
used for SMB file sharing.

- An input validation error in the Ruby WEBrick HTTP server's handling of
error pages.

- A buffer overflow exists in libcurl's handling of gzip-compressed web
content.

- An integer overflow exists in AES and RC4 decryption operations of the
crypto library in the KDC server.

- Multiple integer overflows in the handling of TIFF files.

- A directory traversal issue exists in iChat's handling of inline
image transfers.

- A symlink following issue exists in Folder Manager.

- Multiple errors in Adobe Flash Player plug-in.

- An uninitialized memory read issue exists in the CUPS web interface's
handling of form variables.

- A use-after-free error exists in cupsd.

- A cross-site request forgery issue exists in the CUPS web interface.

Vulnerability Impact:
Successful exploitation will allow an attacker
to conduct cross-site scripting attacks, access sensitive information, cause
an unexpected application termination or arbitrary code execution, upload
files to arbitrary locations on the filesystem of a user and cause privilege
escalation.

Affected Software/OS:
Apple Mac OS X and Mac OS X Server
version 10.5.8, 10.6 through 10.6.3

Solution:
Apply the appropriate security patch from
the reference links.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-reference:
Common Vulnerability Exposure (CVE) ID: CVE-2010-0540
http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html
BugTraq ID: 40871
http://www.securityfocus.com/bid/40871
Debian Security Information: DSA-2176
http://www.debian.org/security/2011/dsa-2176
http://security.gentoo.org/glsa/glsa-201207-10.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2010:232
http://www.mandriva.com/security/advisories?name=MDVSA-2010:233
http://www.mandriva.com/security/advisories?name=MDVSA-2010:234
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10382
http://www.securitytracker.com/id?1024122
http://secunia.com/advisories/40220
http://secunia.com/advisories/43521
http://www.vupen.com/english/advisories/2010/1481
http://www.vupen.com/english/advisories/2011/0535
Common Vulnerability Exposure (CVE) ID: CVE-2010-0302
BugTraq ID: 38510
http://www.securityfocus.com/bid/38510
http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037174.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:073
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11216
RedHat Security Advisories: RHSA-2010:0129
https://rhn.redhat.com/errata/RHSA-2010-0129.html
http://www.securitytracker.com/id?1024124
http://secunia.com/advisories/38785
http://secunia.com/advisories/38927
http://secunia.com/advisories/38979
http://www.ubuntu.com/usn/USN-906-1
Common Vulnerability Exposure (CVE) ID: CVE-2010-1748
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9723
SuSE Security Announcement: SUSE-SR:2010:023
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
Common Vulnerability Exposure (CVE) ID: CVE-2010-0545
http://securitytracker.com/id?1024103
Common Vulnerability Exposure (CVE) ID: CVE-2010-0186
BugTraq ID: 38198
http://www.securityfocus.com/bid/38198
http://security.gentoo.org/glsa/glsa-201101-09.xml
http://www.osvdb.org/62300
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8518
RedHat Security Advisories: RHSA-2010:0102
https://rhn.redhat.com/errata/RHSA-2010-0102.html
RedHat Security Advisories: RHSA-2010:0103
https://rhn.redhat.com/errata/RHSA-2010-0103.html
http://www.redhat.com/support/errata/RHSA-2010-0114.html
http://securitytracker.com/id?1023585
http://secunia.com/advisories/38547
http://secunia.com/advisories/38639
http://secunia.com/advisories/38915
http://secunia.com/advisories/43026
SuSE Security Announcement: SUSE-SR:2010:006
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html
http://www.vupen.com/english/advisories/2011/0192
Common Vulnerability Exposure (CVE) ID: CVE-2010-0187
BugTraq ID: 38200
http://www.securityfocus.com/bid/38200
http://www.exploit-db.com/exploits/11182
http://sebug.net/exploit/18967/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16125
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8393
Common Vulnerability Exposure (CVE) ID: CVE-2010-0546
Common Vulnerability Exposure (CVE) ID: CVE-2010-1374
Common Vulnerability Exposure (CVE) ID: CVE-2010-1411
http://lists.apple.com/archives/security-announce/2010//Jun/msg00002.html
BugTraq ID: 40823
http://www.securityfocus.com/bid/40823
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043769.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/043835.html
http://security.gentoo.org/glsa/glsa-201209-02.xml
http://marc.info/?l=oss-security&m=127731610612908&w=2
http://www.redhat.com/support/errata/RHSA-2010-0519.html
http://www.redhat.com/support/errata/RHSA-2010-0520.html
http://secunia.com/advisories/40181
http://secunia.com/advisories/40196
http://secunia.com/advisories/40381
http://secunia.com/advisories/40478
http://secunia.com/advisories/40527
http://secunia.com/advisories/40536
http://secunia.com/advisories/50726
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.596424
SuSE Security Announcement: SUSE-SR:2010:014
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
http://www.ubuntu.com/usn/USN-954-1
http://www.vupen.com/english/advisories/2010/1435
http://www.vupen.com/english/advisories/2010/1512
http://www.vupen.com/english/advisories/2010/1638
http://www.vupen.com/english/advisories/2010/1731
http://www.vupen.com/english/advisories/2010/1761
Common Vulnerability Exposure (CVE) ID: CVE-2009-4212
BugTraq ID: 37749
http://www.securityfocus.com/bid/37749
Debian Security Information: DSA-1969
http://www.debian.org/security/2010/dsa-1969
http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033915.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-January/033919.html
HPdes Security Advisory: HPSBOV02682
http://marc.info/?l=bugtraq&m=130497213107107&w=2
HPdes Security Advisory: SSRT100495
http://www.mandriva.com/security/advisories?name=MDVSA-2010:006
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11272
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7357
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8192
RedHat Security Advisories: RHSA-2010:0029
https://rhn.redhat.com/errata/RHSA-2010-0029.html
RedHat Security Advisories: RHSA-2010:0095
https://rhn.redhat.com/errata/RHSA-2010-0095.html
http://www.securitytracker.com/id?1023440
http://secunia.com/advisories/38080
http://secunia.com/advisories/38108
http://secunia.com/advisories/38126
http://secunia.com/advisories/38140
http://secunia.com/advisories/38184
http://secunia.com/advisories/38203
http://secunia.com/advisories/38696
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021779.1-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-275530-1
http://ubuntu.com/usn/usn-881-1
http://www.vupen.com/english/advisories/2010/0096
http://www.vupen.com/english/advisories/2010/0129
Common Vulnerability Exposure (CVE) ID: CVE-2010-0734
Bugtraq: 20101027 rPSA-2010-0072-1 curl
http://www.securityfocus.com/archive/1/514490/100/0/threaded
Bugtraq: 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
http://www.securityfocus.com/archive/1/516397/100/0/threaded
Debian Security Information: DSA-2023
http://www.debian.org/security/2010/dsa-2023
http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037143.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036744.html
http://security.gentoo.org/glsa/glsa-201203-02.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2010:062
http://www.openwall.com/lists/oss-security/2010/02/09/5
http://www.openwall.com/lists/oss-security/2010/03/09/1
http://www.openwall.com/lists/oss-security/2010/03/16/11
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10760
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6756
http://www.redhat.com/support/errata/RHSA-2010-0329.html
http://secunia.com/advisories/38843
http://secunia.com/advisories/38981
http://secunia.com/advisories/39087
http://secunia.com/advisories/39734
http://secunia.com/advisories/45047
http://secunia.com/advisories/48256
http://www.ubuntu.com/usn/USN-1158-1
http://www.vupen.com/english/advisories/2010/0571
http://www.vupen.com/english/advisories/2010/0602
http://www.vupen.com/english/advisories/2010/0660
http://www.vupen.com/english/advisories/2010/0725
Common Vulnerability Exposure (CVE) ID: CVE-2010-0541
BugTraq ID: 40895
http://www.securityfocus.com/bid/40895
http://www.mandriva.com/security/advisories?name=MDVSA-2011:097
http://www.mandriva.com/security/advisories?name=MDVSA-2011:098
http://www.redhat.com/support/errata/RHSA-2011-0908.html
http://www.redhat.com/support/errata/RHSA-2011-0909.html
Common Vulnerability Exposure (CVE) ID: CVE-2010-1381
Common Vulnerability Exposure (CVE) ID: CVE-2009-1578
BugTraq ID: 34916
http://www.securityfocus.com/bid/34916
Debian Security Information: DSA-1802
http://www.debian.org/security/2009/dsa-1802
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00566.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00572.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00577.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:110
http://osvdb.org/60468
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11624
http://www.redhat.com/support/errata/RHSA-2009-1066.html
http://secunia.com/advisories/35052
http://secunia.com/advisories/35073
http://secunia.com/advisories/35140
http://secunia.com/advisories/35259
http://secunia.com/advisories/37415
http://www.vupen.com/english/advisories/2009/1296
http://www.vupen.com/english/advisories/2009/3315
XForce ISS Database: squirrelmail-decryptheaders-xss(50460)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50460
XForce ISS Database: squirrelmail-phpself-xss(50459)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50459
Common Vulnerability Exposure (CVE) ID: CVE-2009-1579
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10986
XForce ISS Database: squirrelmail-mapypalias-code-execution(50461)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50461
Common Vulnerability Exposure (CVE) ID: CVE-2009-1580
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10107
XForce ISS Database: squirrelmail-baseuri-session-hijacking(50462)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50462
Common Vulnerability Exposure (CVE) ID: CVE-2009-1581
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10441
XForce ISS Database: squirrelmail-css-xss(50463)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50463
Common Vulnerability Exposure (CVE) ID: CVE-2009-2964
BugTraq ID: 36196
http://www.securityfocus.com/bid/36196
Debian Security Information: DSA-2091
http://www.debian.org/security/2010/dsa-2091
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00927.html
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00954.html
http://jvn.jp/en/jp/JVN30881447/index.html
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002207.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:222
http://www.osvdb.org/57001
http://osvdb.org/60469
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10668
http://secunia.com/advisories/34627
http://secunia.com/advisories/36363
http://secunia.com/advisories/40964
http://www.vupen.com/english/advisories/2009/2262
http://www.vupen.com/english/advisories/2010/2080
XForce ISS Database: squirrelmail-unspecified-csrf(52406)
https://exchange.xforce.ibmcloud.com/vulnerabilities/52406
Common Vulnerability Exposure (CVE) ID: CVE-2010-1382
Copyright: Copyright (C) 2017 Greenbone Networks GmbH

© 1998-2020 E-Soft Inc. All rights reserved.