Búsqueda de    
Vulnerabilidad   
    Buscar 172616 Descripciones CVE y
81291 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.811790
Categoría:Mac OS X Local Security Checks
Título:Apple Mac OS X Multiple Vulnerabilities-HT208144
Resumen:This host is running Apple Mac OS X and; is prone to multiple vulnerabilities.
Descripción:Summary:
This host is running Apple Mac OS X and
is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exists due to,

- Multiple issues in zlib, SQLite, ntp, expat and files.

- Multiple memory corruption issues.

- A certificate validation issue existed in the handling of revocation data.

- Window management, memory consumption and validation issues.

- An encryption issue existed in the handling of mail drafts.

- Turning off 'Load remote content in messages' did not apply to all mailboxes.

- A resource exhaustion issue in 'glob' function.

- A permissions issue existed in the handling of the Apple ID.

- An out-of-bounds read error.

- The security state of the captive portal browser was not obvious.

- An upgrade issue existed in the handling of firewall settings.

- Some unspecified errors.

Vulnerability Impact:
Successful exploitation will allow attacker
to cause a denial of service, read unencrypted password over the network, gain
access to potentially sensitive information, determine the Apple ID of the owner
of the computer, impersonate a service, execute arbitrary code with system
privileges, execute arbitrary code with kernel privileges, able to intercept
mail contents, revoked certificate to be trusted and have other unknown impacts.

Affected Software/OS:
Apple Mac OS X version 10.8 through 10.12.x
prior to 10.13

Solution:
Upgrade to Apple Mac OS X version
10.13 or later. Note: According to the vendor an upgrade to version 10.13 is required to
mitigate this vulnerabilities. Please see the advisory (HT208144) for more info.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2017-7084
BugTraq ID: 100993
http://www.securityfocus.com/bid/100993
http://www.securitytracker.com/id/1039427
Common Vulnerability Exposure (CVE) ID: CVE-2017-7074
Common Vulnerability Exposure (CVE) ID: CVE-2017-7143
Common Vulnerability Exposure (CVE) ID: CVE-2017-7083
BugTraq ID: 100992
http://www.securityfocus.com/bid/100992
Common Vulnerability Exposure (CVE) ID: CVE-2017-0381
BugTraq ID: 95248
http://www.securityfocus.com/bid/95248
https://security.gentoo.org/glsa/201702-21
Common Vulnerability Exposure (CVE) ID: CVE-2017-7138
Common Vulnerability Exposure (CVE) ID: CVE-2017-7121
Common Vulnerability Exposure (CVE) ID: CVE-2017-7122
Common Vulnerability Exposure (CVE) ID: CVE-2017-7123
Common Vulnerability Exposure (CVE) ID: CVE-2017-7124
Common Vulnerability Exposure (CVE) ID: CVE-2017-7125
Common Vulnerability Exposure (CVE) ID: CVE-2017-7126
http://www.securitytracker.com/id/1038249
Common Vulnerability Exposure (CVE) ID: CVE-2017-7077
Common Vulnerability Exposure (CVE) ID: CVE-2017-7119
Common Vulnerability Exposure (CVE) ID: CVE-2017-7114
BugTraq ID: 100990
http://www.securityfocus.com/bid/100990
Common Vulnerability Exposure (CVE) ID: CVE-2017-7086
Common Vulnerability Exposure (CVE) ID: CVE-2016-9063
BugTraq ID: 94337
http://www.securityfocus.com/bid/94337
Debian Security Information: DSA-3898 (Google Search)
https://www.debian.org/security/2017/dsa-3898
http://www.securitytracker.com/id/1037298
Common Vulnerability Exposure (CVE) ID: CVE-2017-9233
BugTraq ID: 99276
http://www.securityfocus.com/bid/99276
http://www.debian.org/security/2017/dsa-3898
http://www.openwall.com/lists/oss-security/2017/06/17/7
Common Vulnerability Exposure (CVE) ID: CVE-2017-7141
Common Vulnerability Exposure (CVE) ID: CVE-2017-7078
BugTraq ID: 100999
http://www.securityfocus.com/bid/100999
Common Vulnerability Exposure (CVE) ID: CVE-2017-6451
BugTraq ID: 97058
http://www.securityfocus.com/bid/97058
http://www.securitytracker.com/id/1038123
Common Vulnerability Exposure (CVE) ID: CVE-2017-6452
BugTraq ID: 97078
http://www.securityfocus.com/bid/97078
Common Vulnerability Exposure (CVE) ID: CVE-2017-6455
BugTraq ID: 97074
http://www.securityfocus.com/bid/97074
Common Vulnerability Exposure (CVE) ID: CVE-2017-6458
BugTraq ID: 97051
http://www.securityfocus.com/bid/97051
Common Vulnerability Exposure (CVE) ID: CVE-2017-6459
BugTraq ID: 97076
http://www.securityfocus.com/bid/97076
Common Vulnerability Exposure (CVE) ID: CVE-2017-6460
BugTraq ID: 97052
http://www.securityfocus.com/bid/97052
Common Vulnerability Exposure (CVE) ID: CVE-2017-6462
BugTraq ID: 97045
http://www.securityfocus.com/bid/97045
FreeBSD Security Advisory: FreeBSD-SA-17:03
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:03.ntp.asc
RedHat Security Advisories: RHSA-2017:3071
https://access.redhat.com/errata/RHSA-2017:3071
RedHat Security Advisories: RHSA-2018:0855
https://access.redhat.com/errata/RHSA-2018:0855
https://usn.ubuntu.com/3707-2/
Common Vulnerability Exposure (CVE) ID: CVE-2017-6463
BugTraq ID: 97049
http://www.securityfocus.com/bid/97049
Common Vulnerability Exposure (CVE) ID: CVE-2017-6464
BugTraq ID: 97050
http://www.securityfocus.com/bid/97050
Common Vulnerability Exposure (CVE) ID: CVE-2016-9042
BugTraq ID: 97046
http://www.securityfocus.com/bid/97046
https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0260
Common Vulnerability Exposure (CVE) ID: CVE-2017-7082
Common Vulnerability Exposure (CVE) ID: CVE-2017-7080
Common Vulnerability Exposure (CVE) ID: CVE-2017-7128
BugTraq ID: 100987
http://www.securityfocus.com/bid/100987
Common Vulnerability Exposure (CVE) ID: CVE-2017-7129
Common Vulnerability Exposure (CVE) ID: CVE-2017-7130
Common Vulnerability Exposure (CVE) ID: CVE-2017-7127
Common Vulnerability Exposure (CVE) ID: CVE-2016-9840
BugTraq ID: 95131
http://www.securityfocus.com/bid/95131
https://security.gentoo.org/glsa/201701-56
https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib
https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html
https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html
http://www.openwall.com/lists/oss-security/2016/12/05/21
RedHat Security Advisories: RHSA-2017:1220
https://access.redhat.com/errata/RHSA-2017:1220
RedHat Security Advisories: RHSA-2017:1221
https://access.redhat.com/errata/RHSA-2017:1221
RedHat Security Advisories: RHSA-2017:1222
https://access.redhat.com/errata/RHSA-2017:1222
RedHat Security Advisories: RHSA-2017:2999
https://access.redhat.com/errata/RHSA-2017:2999
RedHat Security Advisories: RHSA-2017:3046
https://access.redhat.com/errata/RHSA-2017:3046
RedHat Security Advisories: RHSA-2017:3047
https://access.redhat.com/errata/RHSA-2017:3047
RedHat Security Advisories: RHSA-2017:3453
https://access.redhat.com/errata/RHSA-2017:3453
SuSE Security Announcement: openSUSE-SU-2016:3202 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html
SuSE Security Announcement: openSUSE-SU-2017:0077 (Google Search)
http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html
SuSE Security Announcement: openSUSE-SU-2017:0080 (Google Search)
http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html
https://usn.ubuntu.com/4246-1/
https://usn.ubuntu.com/4292-1/
Common Vulnerability Exposure (CVE) ID: CVE-2016-9841
http://www.securitytracker.com/id/1039596
Common Vulnerability Exposure (CVE) ID: CVE-2016-9842
Common Vulnerability Exposure (CVE) ID: CVE-2016-9843
http://www.securitytracker.com/id/1041888
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

Esta es sólo una de 81291 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2020 E-Soft Inc. Todos los derechos reservados.