Test Kennung:	1.3.6.1.4.1.25623.1.0.811853
Kategorie:	Mac OS X Local Security Checks
Titel:	Apple Mac OS X Multiple Information Disclosure Vulnerabilities (HT208165)
Zusammenfassung:	This host is has Apple Mac OS X and; is prone to multiple information disclosure vulnerabilities.
Beschreibung:	Summary: This host is has Apple Mac OS X and is prone to multiple information disclosure vulnerabilities. Vulnerability Insight: Multiple flaws exist as, - A method existed for applications to bypass the key chain access prompt with a synthetic click. - If a hint was set in Disk Utility when creating an APFS encrypted volume, the password was stored as the hint. Vulnerability Impact: Successful exploitation will allow attackers to access sensitive information like passwords and other important data. Affected Software/OS: Apple Mac OS X version 10.13 before build 17A405. Solution: Upgrade to Apple Mac OS X version 10.13 build 17A405 by applying the supplemental update from the vendor. CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-7149 BugTraq ID: 101178 http://www.securityfocus.com/bid/101178 https://hackernoon.com/new-macos-high-sierra-vulnerability-exposes-the-password-of-an-encrypted-apfs-container-b4f2f5326e79 https://nakedsecurity.sophos.com/2017/10/05/urgent-update-your-mac-again-right-now/ https://www.theregister.co.uk/2017/10/05/apple_patches_password_hint_bug_that_revealed_password/ http://www.securitytracker.com/id/1039513 Common Vulnerability Exposure (CVE) ID: CVE-2017-7150 BugTraq ID: 101177 http://www.securityfocus.com/bid/101177 http://www.securitytracker.com/id/1039430
Copyright	Copyright (C) 2017 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.