Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2024 and is owned by Tenable, Inc. or an Affiliate thereof.MACOSX_10_10_2.NASL
HistoryJan 29, 2015 - 12:00 a.m.

Mac OS X 10.10.x < 10.10.2 Multiple Vulnerabilities (POODLE)

2015-01-2900:00:00
This script is Copyright (C) 2015-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
159

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

3.4 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N

6.6 Medium

AI Score

Confidence

High

0.975 High

EPSS

Percentile

100.0%

JSON

The remote host is running a version of Mac OS X 10.10.x that is prior to version 10.10.2. This update contains several security-related fixes for the following components :

  • bash
  • Bluetooth
  • CFNetwork Cache
  • CommerceKit Framework
  • CoreGraphics
  • CoreSymbolication
  • CPU Software
  • FontParser
  • Foundation
  • Intel Graphics Driver
  • IOAcceleratorFamily
  • IOHIDFamily
  • IOKit
  • IOUSBFamily
  • Kernel
  • LaunchServices
  • libnetcore
  • LoginWindow
  • lukemftp
  • OpenSSL
  • Safari
  • SceneKit
  • Security
  • security_taskgate
  • Spotlight
  • SpotlightIndex
  • sysmond
  • UserAccountUpdater

Note that successful exploitation of the most serious issues can result in arbitrary code execution.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(81087);
  script_version("1.21");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/05/28");

  script_cve_id(
    "CVE-2014-1595",
    "CVE-2014-3192",
    "CVE-2014-3566",
    "CVE-2014-3567",
    "CVE-2014-3568",
    "CVE-2014-4371",
    "CVE-2014-4389",
    "CVE-2014-4419",
    "CVE-2014-4420",
    "CVE-2014-4421",
    "CVE-2014-4460",
    "CVE-2014-4461",
    "CVE-2014-4476",
    "CVE-2014-4477",
    "CVE-2014-4479",
    "CVE-2014-4481",
    "CVE-2014-4483",
    "CVE-2014-4484",
    "CVE-2014-4485",
    "CVE-2014-4486",
    "CVE-2014-4487",
    "CVE-2014-4488",
    "CVE-2014-4489",
    "CVE-2014-4491",
    "CVE-2014-4492",
    "CVE-2014-4495",
    "CVE-2014-4498",
    "CVE-2014-4499",
    "CVE-2014-6277",
    "CVE-2014-7186",
    "CVE-2014-7187",
    "CVE-2014-7861",
    "CVE-2014-8517",
    "CVE-2014-8817",
    "CVE-2014-8819",
    "CVE-2014-8820",
    "CVE-2014-8821",
    "CVE-2014-8822",
    "CVE-2014-8823",
    "CVE-2014-8824",
    "CVE-2014-8825",
    "CVE-2014-8826",
    "CVE-2014-8827",
    "CVE-2014-8830",
    "CVE-2014-8831",
    "CVE-2014-8832",
    "CVE-2014-8833",
    "CVE-2014-8834",
    "CVE-2014-8835",
    "CVE-2014-8836",
    "CVE-2014-8837",
    "CVE-2014-8838",
    "CVE-2014-8839"
  );
  script_bugtraq_id(
    69919,
    69924,
    69927,
    69928,
    69950,
    70152,
    70154,
    70165,
    70249,
    70273,
    70574,
    70585,
    70586,
    70792,
    71135,
    71136,
    71394,
    72327,
    72328,
    72329,
    72330,
    72331
  );
  script_xref(name:"CERT", value:"577193");
  script_xref(name:"IAVA", value:"2014-A-0142");
  script_xref(name:"APPLE-SA", value:"APPLE-SA-2015-01-27-4");

  script_name(english:"Mac OS X 10.10.x < 10.10.2 Multiple Vulnerabilities (POODLE)");
  script_summary(english:"Checks the version of Mac OS X.");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is missing a Mac OS X update that fixes multiple
vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The remote host is running a version of Mac OS X 10.10.x that is prior
to version 10.10.2. This update contains several security-related
fixes for the following components :

  - bash
  - Bluetooth
  - CFNetwork Cache
  - CommerceKit Framework
  - CoreGraphics
  - CoreSymbolication
  - CPU Software
  - FontParser
  - Foundation
  - Intel Graphics Driver
  - IOAcceleratorFamily
  - IOHIDFamily
  - IOKit
  - IOUSBFamily
  - Kernel
  - LaunchServices
  - libnetcore
  - LoginWindow
  - lukemftp
  - OpenSSL
  - Safari
  - SceneKit
  - Security
  - security_taskgate
  - Spotlight
  - SpotlightIndex
  - sysmond
  - UserAccountUpdater

Note that successful exploitation of the most serious issues can
result in arbitrary code execution.");
  script_set_attribute(attribute:"see_also", value:"http://support.apple.com/en-us/HT204244");
  script_set_attribute(attribute:"see_also", value:"http://www.securityfocus.com/archive/1/534559");
  script_set_attribute(attribute:"see_also", value:"https://www.imperialviolet.org/2014/10/14/poodle.html");
  script_set_attribute(attribute:"see_also", value:"https://www.openssl.org/~bodo/ssl-poodle.pdf");
  script_set_attribute(attribute:"see_also", value:"https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Mac OS X 10.10.2 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-8836");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'tnftp "savefile" Arbitrary Command Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"in_the_news", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/09/17");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/01/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/29");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x:10.10");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MacOS X Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2015-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl", "os_fingerprint.nasl");
  script_require_ports("Host/MacOSX/Version", "Host/OS");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

os = get_kb_item("Host/MacOSX/Version");
if (!os)
{
  os = get_kb_item_or_exit("Host/OS");
  if ("Mac OS X" >!< os) audit(AUDIT_OS_NOT, "Mac OS X");

  c = get_kb_item("Host/OS/Confidence");
  if (c <= 70) exit(1, "Can't determine the host's OS with sufficient confidence.");
}
if (!os) audit(AUDIT_OS_NOT, "Mac OS X");

match = eregmatch(pattern:"Mac OS X ([0-9]+(\.[0-9]+)+)", string:os);
if (isnull(match)) exit(1, "Failed to parse the Mac OS X version ('" + os + "').");

version = match[1];
if (!ereg(pattern:"^10\.10([^0-9]|$)", string:version)) audit(AUDIT_OS_NOT, "Mac OS X 10.10", "Mac OS X "+version);

fixed_version = "10.10.2";
if (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)
{
  if (report_verbosity > 0)
    {
      report = '\n  Installed version : ' + version +
               '\n  Fixed version     : ' + fixed_version +
               '\n';
      security_hole(port:0, extra:report);
    }
    else security_hole(0);
    exit(0);
}
else exit(0, "The host is not affected as it is running Mac OS X "+version+".");
VendorProductVersionCPE
applemac_os_x10.10cpe:/o:apple:mac_os_x:10.10

References

Related

nessus 46
securityvulns 12
openvas 24
cve 10
cvelist 10
prion 10
nvd 10
ubuntucve 3
suse 7
ibm 38
gentoo 1
mageia 1
archlinux 1
kaspersky 1
debian 2
ubuntu 1
cloudfoundry 1
freebsd_advisory 1
slackware 1
freebsd 3
osv 2
exploitpack 2
seebug 1
lenovo 1
packetstorm 1
cert 1
huawei 1
kitploit 1
checkpoint_advisories 1
cisco 1
oraclelinux 2
f5 1
jvn 1
nessus
nessus
Mac OS X < 10.10.2 Multiple Vulnerabilities
2015-03-04 00:00:00
Mac OS X Multiple Vulnerabilities (Security Update 2015-001) (POODLE)
2015-01-29 00:00:00
Apple TV < 7.0.3 Multiple Vulnerabilities
2015-03-04 00:00:00
securityvulns
securityvulns
APPLE-SA-2015-01-27-4 OS X 10.10.2 and Security Update 2015-001
2015-02-02 00:00:00
Apple Mac OS X multiple security vulnerabilities
2015-02-02 00:00:00
Apple Safari / Webkit multiple security vulnerabilities
2015-02-02 00:00:00
openvas
openvas
Apple Mac OS X Multiple Vulnerabilities -01 (Mar 2015)
2015-03-05 00:00:00
Apple Safari 'Webkit' Multiple Vulnerabilities -01 (Feb 2015) - Mac OS X
2015-02-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:1387-1)
2021-06-09 00:00:00
cve
cve
CVE-2014-4419
2014-09-18 10:55:10
CVE-2014-4421
2014-09-18 10:55:10
CVE-2014-4420
2014-09-18 10:55:10
cvelist
cvelist
CVE-2014-4371
2014-09-18 10:00:00
CVE-2014-4419
2014-09-18 10:00:00
CVE-2014-4420
2014-09-18 10:00:00
prion
prion
Design/Logic Flaw
2014-09-18 10:55:00
Design/Logic Flaw
2014-09-18 10:55:00
Design/Logic Flaw
2014-09-18 10:55:00
nvd
nvd
CVE-2014-4419
2014-09-18 10:55:10
CVE-2014-4371
2014-09-18 10:55:09
CVE-2014-4420
2014-09-18 10:55:10
ubuntucve
ubuntucve
CVE-2014-4476
2015-01-30 00:00:00
CVE-2014-4477
2015-01-30 00:00:00
CVE-2014-4479
2015-01-30 00:00:00
suse
suse
Security update for OpenSSL (important)
2014-11-13 01:04:46
Security update for OpenSSL (important)
2014-11-11 01:04:46
Security update for OpenSSL (important)
2014-11-05 23:04:47
ibm
ibm
Security Bulletin: Vulnerability in SSLv3 and OpenSSL affect SAN Volume Controller and Storwize Family (CVE-2014-3566 CVE-2014-3567)
2023-03-29 01:48:02
Security Bulletin: Vulnerabilities in SSLv3 affect IBM Flex System Manager (FSM) and compatible IBM Systems Director agents (CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568)
2019-01-31 02:10:01
Security Bulletin: Four (4) Vulnerabilities in OpenSSL affect IBM FlashSystem 840 and V840 systems ( CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, and CVE-2014-3568)
2023-02-18 01:45:50
gentoo
gentoo
Bash: Multiple vulnerabilities
2014-10-04 00:00:00
mageia
mageia
Updated bash packages fix multiple security vulnerabilities
2014-10-01 13:34:33
archlinux
archlinux
openssl: denial of service / man-in-the-middle / poodle mitigation
2014-10-16 00:00:00
kaspersky
kaspersky
KLA10359 Vulnerability in Tableau
2014-07-18 00:00:00
debian
debian
[SECURITY] [DSA 3053-1] openssl security update
2014-10-16 15:48:24
[SECURITY] [DLA 81-1] openssl security update
2014-11-01 15:49:46
ubuntu
ubuntu
Bash vulnerabilities
2014-09-27 00:00:00
cloudfoundry
cloudfoundry
CVE-2014-7186 and CVE-2014-7187 - Bash Out of Bounds | Cloud Foundry
2014-09-29 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:23.openssl
2014-10-21 00:00:00
slackware
slackware
[slackware-security] openssl
2014-10-15 17:58:22
freebsd
freebsd
OpenSSL -- multiple vulnerabilities
2014-10-15 00:00:00
bash -- out-of-bounds memory access in parser
2014-09-25 00:00:00
rt42 -- vulnerabilities related to shellshock
2014-10-02 00:00:00
osv
osv
openssl - security update
2014-10-16 00:00:00
openssl - security update
2014-11-01 00:00:00
exploitpack
exploitpack
GNU bash 4.3.11 - Environment Variable dhclient
2014-10-02 00:00:00
dhclient 4.1 - Bash Environment Variable Command Injection (Shellshock)
2014-09-29 00:00:00
seebug
seebug
GNU bash 4.3.11 Environment Variable dhclient Exploit
2014-10-10 00:00:00
lenovo
lenovo
GNU Bourne-Again Shell (Bash) 'Shellshock'
2016-11-16 00:00:00
packetstorm
packetstorm
GNU Bash 4.3.11 dhclient Shellshocker
2014-10-02 00:00:00
cert
cert
GNU Bash shell executes commands in exported functions in environment variables
2014-09-25 00:00:00
huawei
huawei
Security Advisory-Bash Code Injection Vulnerability
2014-10-24 00:00:00
kitploit
kitploit
ShellShockHunter - It's A Simple Tool For Test Vulnerability Shellshock
2021-02-10 11:30:00
checkpoint_advisories
checkpoint_advisories
GNU Bash Remote Code Execution (CVE-2014-6271; CVE-2014-6277; CVE-2014-6278; CVE-2014-7169; CVE-2014-7186; CVE-2014-7187)
2014-09-25 00:00:00
cisco
cisco
GNU Bash Environment Variable Command Injection Vulnerability
2014-09-26 01:00:00
oraclelinux
oraclelinux
bash security update
2014-09-25 00:00:00
bash security update
2014-09-26 00:00:00
f5
f5
K15629 : Multiple GNU Bash vulnerabilities
2015-05-22 00:00:00
jvn
jvn
JVN#55667175: QNAP QTS vulnerable to OS command injection
2014-10-28 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

3.4 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N

6.6 Medium

AI Score

Confidence

High

0.975 High

EPSS

Percentile

100.0%

JSON
Related for MACOSX_10_10_2.NASL
nessus46securityvulns12openvas24cve10cvelist10prion10nvd10ubuntucve3suse7ibm38gentoo1mageia1archlinux1kaspersky1debian2ubuntu1cloudfoundry1freebsd_advisory1slackware1freebsd3osv2exploitpack2seebug1lenovo1packetstorm1cert1huawei1kitploit1checkpoint_advisories1cisco1oraclelinux2f51jvn1