9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
0.967 High
EPSS
Percentile
99.7%
This host is missing an important security update according to
Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006.
# SPDX-FileCopyrightText: 2011 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.802336");
script_version("2023-11-02T05:05:26+0000");
script_tag(name:"last_modification", value:"2023-11-02 05:05:26 +0000 (Thu, 02 Nov 2023)");
script_tag(name:"creation_date", value:"2011-10-20 08:43:23 +0200 (Thu, 20 Oct 2011)");
script_cve_id("CVE-2011-0419", "CVE-2011-3192", "CVE-2011-0185", "CVE-2011-3437",
"CVE-2011-0229", "CVE-2011-0230", "CVE-2011-1910", "CVE-2011-2464",
"CVE-2009-4022", "CVE-2010-0097", "CVE-2010-3613", "CVE-2010-3614",
"CVE-2011-0231", "CVE-2011-3246", "CVE-2011-0259", "CVE-2011-0187",
"CVE-2011-0224", "CVE-2011-0260", "CVE-2011-3212", "CVE-2011-3213",
"CVE-2011-3214", "CVE-2011-1755", "CVE-2011-3215", "CVE-2011-3216",
"CVE-2011-3227", "CVE-2011-0707", "CVE-2011-3217", "CVE-2011-3435",
"CVE-2010-3436", "CVE-2010-4645", "CVE-2011-0420", "CVE-2011-0421",
"CVE-2011-0708", "CVE-2011-1092", "CVE-2011-1153", "CVE-2011-1466",
"CVE-2011-1467", "CVE-2011-1468", "CVE-2011-1469", "CVE-2011-1470",
"CVE-2011-1471", "CVE-2011-0411", "CVE-2010-1634", "CVE-2010-2089",
"CVE-2011-1521", "CVE-2011-3228", "CVE-2011-0249", "CVE-2011-0250",
"CVE-2011-0251", "CVE-2011-0252", "CVE-2011-3218", "CVE-2011-3219",
"CVE-2011-3220", "CVE-2011-3221", "CVE-2011-3222", "CVE-2011-3223",
"CVE-2011-3225", "CVE-2010-1157", "CVE-2010-2227", "CVE-2010-3718",
"CVE-2010-4172", "CVE-2011-0013", "CVE-2011-0534", "CVE-2011-3224",
"CVE-2011-2690", "CVE-2011-2691", "CVE-2011-2692", "CVE-2011-3436",
"CVE-2011-3226", "CVE-2011-0226");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2020-08-06 15:53:00 +0000 (Thu, 06 Aug 2020)");
script_name("Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)");
script_xref(name:"URL", value:"http://support.apple.com/kb/HT1222");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/37118");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/37865");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/39635");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/40370");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/40863");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/41544");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/44723");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/45015");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/45133");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/45137");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/45668");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46164");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46174");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46177");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46354");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46365");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46429");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46464");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46767");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46786");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46854");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46967");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46968");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46969");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46970");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46975");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46977");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/46992");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/47024");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/47820");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/48007");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/48250");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/48566");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/48618");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/48619");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/48660");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/48993");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/49038");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/49303");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50067");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50068");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50091");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50092");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50095");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50098");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50099");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50100");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50101");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50109");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50111");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50112");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50113");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50114");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50115");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50116");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50117");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50120");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50121");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50122");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50127");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50129");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50130");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50131");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50144");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50146");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50150");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/50153");
script_xref(name:"URL", value:"http://support.apple.com/kb/HT5000");
script_xref(name:"URL", value:"http://support.apple.com/kb/HT5002");
script_xref(name:"URL", value:"http://lists.apple.com/archives/security-announce//2011//Oct//msg00003.html");
script_copyright("Copyright (C) 2011 Greenbone AG");
script_category(ACT_GATHER_INFO);
script_family("Mac OS X Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/osx_name", "ssh/login/osx_version", re:"ssh/login/osx_version=^10\.6\.8");
script_tag(name:"impact", value:"Successful exploitation could allow attackers to execute arbitrary code in
the context of the browser, inject scripts, bypass certain security
restrictions or cause a denial of service condition.");
script_tag(name:"affected", value:"Apache, Application Firewall, ATS, BIND, Certificate Trust Policy, CFNetwork,
CoreFoundation, CoreMedia, CoreProcesses, CoreStorage, File Systems,
iChat Server, IOGraphics, Kernel, libsecurity, Mailman, MediaKit,
Open Directory, PHP, postfix, python, QuickTime, SMB File Server, Tomcat,
User Documentation, Web Server and X11.");
script_tag(name:"insight", value:"Please see the references for more information on the vulnerabilities.");
script_tag(name:"solution", value:"Run Mac Updates and update the Security Update 2011-006");
script_tag(name:"summary", value:"This host is missing an important security update according to
Mac OS X 10.6.8 Update/Mac OS X Security Update 2011-006.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("version_func.inc");
include("pkg-lib-macosx.inc");
osName = get_kb_item("ssh/login/osx_name");
if(!osName)
exit(0);
osVer = get_kb_item("ssh/login/osx_version");
if(!osVer)
exit(0);
if("Mac OS X" >< osName)
{
if(version_is_equal(version:osVer, test_version:"10.6.8"))
{
if(isosxpkgvuln(fixed:"com.apple.pkg.update.security.", diff:"2011.006"))
{
report = report_fixed_ver(installed_version:osVer, vulnerable_range:"Equal to 10.6.8");
security_message(port:0, data:report);
exit(0);
}
}
}
lists.apple.com/archives/security-announce//2011//Oct//msg00003.html
support.apple.com/kb/HT1222
support.apple.com/kb/HT5000
support.apple.com/kb/HT5002
www.securityfocus.com/bid/37118
www.securityfocus.com/bid/37865
www.securityfocus.com/bid/39635
www.securityfocus.com/bid/40370
www.securityfocus.com/bid/40863
www.securityfocus.com/bid/41544
www.securityfocus.com/bid/44723
www.securityfocus.com/bid/45015
www.securityfocus.com/bid/45133
www.securityfocus.com/bid/45137
www.securityfocus.com/bid/45668
www.securityfocus.com/bid/46164
www.securityfocus.com/bid/46174
www.securityfocus.com/bid/46177
www.securityfocus.com/bid/46354
www.securityfocus.com/bid/46365
www.securityfocus.com/bid/46429
www.securityfocus.com/bid/46464
www.securityfocus.com/bid/46767
www.securityfocus.com/bid/46786
www.securityfocus.com/bid/46854
www.securityfocus.com/bid/46967
www.securityfocus.com/bid/46968
www.securityfocus.com/bid/46969
www.securityfocus.com/bid/46970
www.securityfocus.com/bid/46975
www.securityfocus.com/bid/46977
www.securityfocus.com/bid/46992
www.securityfocus.com/bid/47024
www.securityfocus.com/bid/47820
www.securityfocus.com/bid/48007
www.securityfocus.com/bid/48250
www.securityfocus.com/bid/48566
www.securityfocus.com/bid/48618
www.securityfocus.com/bid/48619
www.securityfocus.com/bid/48660
www.securityfocus.com/bid/48993
www.securityfocus.com/bid/49038
www.securityfocus.com/bid/49303
www.securityfocus.com/bid/50067
www.securityfocus.com/bid/50068
www.securityfocus.com/bid/50091
www.securityfocus.com/bid/50092
www.securityfocus.com/bid/50095
www.securityfocus.com/bid/50098
www.securityfocus.com/bid/50099
www.securityfocus.com/bid/50100
www.securityfocus.com/bid/50101
www.securityfocus.com/bid/50109
www.securityfocus.com/bid/50111
www.securityfocus.com/bid/50112
www.securityfocus.com/bid/50113
www.securityfocus.com/bid/50114
www.securityfocus.com/bid/50115
www.securityfocus.com/bid/50116
www.securityfocus.com/bid/50117
www.securityfocus.com/bid/50120
www.securityfocus.com/bid/50121
www.securityfocus.com/bid/50122
www.securityfocus.com/bid/50127
www.securityfocus.com/bid/50129
www.securityfocus.com/bid/50130
www.securityfocus.com/bid/50131
www.securityfocus.com/bid/50144
www.securityfocus.com/bid/50146
www.securityfocus.com/bid/50150
www.securityfocus.com/bid/50153
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 High
AI Score
Confidence
High
0.967 High
EPSS
Percentile
99.7%