Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.812401
Kategorie:Mac OS X Local Security Checks
Titel:Apple MacOSX Security Updates(HT208331)-02
Zusammenfassung:This host is installed with Apple Mac OS X; and is prone to multiple vulnerabilities.
Beschreibung:Summary:
This host is installed with Apple Mac OS X
and is prone to multiple vulnerabilities.

Vulnerability Insight:
The Security update includes,

- A validation issue was addressed with improved input sanitization.

- An out-of-bounds read issue existed in X.509 IPAddressFamily parsing.

- A type confusion issue was addressed with improved memory handling.

- A memory corruption issue was addressed with improved memory handling.

- Multiple issues were addressed by updating to version 2.4.28.

- Multiple memory corruption issues were addressed through improved state management.

- An out-of-bounds read was addressed with improved bounds checking.

- An out-of-bounds read issue existed in the FTP PWD response parsing.

- An integer overflow error.

- An input validation issue existed in the kernel.

Vulnerability Impact:
Successful exploitation will allow remote
attackers to read restricted memory, execute arbitrary code with system
privileges.

Affected Software/OS:
Apple Mac OS X versions,
10.13.x through 10.13.1, 10.12.x through 10.12.6, 10.11.x through 10.11.6

Solution:
Apply the appropriate security patch from
the reference links.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: BugTraq ID: 100515
BugTraq ID: 100872
BugTraq ID: 101946
Common Vulnerability Exposure (CVE) ID: CVE-2017-3735
http://www.securityfocus.com/bid/100515
Debian Security Information: DSA-4017 (Google Search)
https://www.debian.org/security/2017/dsa-4017
Debian Security Information: DSA-4018 (Google Search)
https://www.debian.org/security/2017/dsa-4018
FreeBSD Security Advisory: FreeBSD-SA-17:11
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:11.openssl.asc
https://security.gentoo.org/glsa/201712-03
https://github.com/openssl/openssl/commit/068b963bb7afc57f5bdd723de0dd15e7795d5822
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://lists.debian.org/debian-lts-announce/2017/11/msg00011.html
RedHat Security Advisories: RHSA-2018:3221
https://access.redhat.com/errata/RHSA-2018:3221
RedHat Security Advisories: RHSA-2018:3505
https://access.redhat.com/errata/RHSA-2018:3505
http://www.securitytracker.com/id/1039726
https://usn.ubuntu.com/3611-2/
Common Vulnerability Exposure (CVE) ID: CVE-2017-9798
http://www.securityfocus.com/bid/100872
BugTraq ID: 105598
http://www.securityfocus.com/bid/105598
Debian Security Information: DSA-3980 (Google Search)
http://www.debian.org/security/2017/dsa-3980
https://www.exploit-db.com/exploits/42745/
https://security.gentoo.org/glsa/201710-32
http://openwall.com/lists/oss-security/2017/09/18/2
https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html
https://blog.fuzzing-project.org/uploads/apache-2.2-optionsbleed-backport.patch
https://github.com/apache/httpd/commit/29afdd2550b3d30a8defece2b95ae81edcf66ac9
https://github.com/hannob/optionsbleed
https://security-tracker.debian.org/tracker/CVE-2017-9798
https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch
https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E
https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E
RedHat Security Advisories: RHSA-2017:2882
https://access.redhat.com/errata/RHSA-2017:2882
RedHat Security Advisories: RHSA-2017:2972
https://access.redhat.com/errata/RHSA-2017:2972
RedHat Security Advisories: RHSA-2017:3018
https://access.redhat.com/errata/RHSA-2017:3018
RedHat Security Advisories: RHSA-2017:3113
https://access.redhat.com/errata/RHSA-2017:3113
RedHat Security Advisories: RHSA-2017:3114
https://access.redhat.com/errata/RHSA-2017:3114
RedHat Security Advisories: RHSA-2017:3193
https://access.redhat.com/errata/RHSA-2017:3193
RedHat Security Advisories: RHSA-2017:3194
https://access.redhat.com/errata/RHSA-2017:3194
RedHat Security Advisories: RHSA-2017:3195
https://access.redhat.com/errata/RHSA-2017:3195
RedHat Security Advisories: RHSA-2017:3239
https://access.redhat.com/errata/RHSA-2017:3239
RedHat Security Advisories: RHSA-2017:3240
https://access.redhat.com/errata/RHSA-2017:3240
RedHat Security Advisories: RHSA-2017:3475
https://access.redhat.com/errata/RHSA-2017:3475
RedHat Security Advisories: RHSA-2017:3476
https://access.redhat.com/errata/RHSA-2017:3476
RedHat Security Advisories: RHSA-2017:3477
https://access.redhat.com/errata/RHSA-2017:3477
http://www.securitytracker.com/id/1039387
Common Vulnerability Exposure (CVE) ID: CVE-2017-7172
Common Vulnerability Exposure (CVE) ID: CVE-2017-7159
Common Vulnerability Exposure (CVE) ID: CVE-2017-7162
Common Vulnerability Exposure (CVE) ID: CVE-2017-7173
Common Vulnerability Exposure (CVE) ID: CVE-2017-7154
BugTraq ID: 103134
http://www.securityfocus.com/bid/103134
https://www.exploit-db.com/exploits/43521/
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.