English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.807000
Categoría:Mac OS X Local Security Checks
Título:Apple Mac OS X Multiple Vulnerabilities-01 (Dec 2015)
Resumen:Apple Mac OS X is prone to multiple vulnerabilities.
Descripción:Summary:
Apple Mac OS X is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- an error in Bluetooth HCI interface

- an error in IOAcceleratorFamily

- an error in Disk Images component

- the System Integrity Protection feature mishandles union mounts

- the Keychain Access improperly interacts with Keychain Agent

- the Kext tools mishandles kernel-extension loading

- an error in ASN.1 decode, kernel loader in EF, IOThunderboltFamily, in File
Bookmark component

- multiple errors in Intel Graphics Driver component

- use-after-free error in Hypervisor

- a privilege issue existed in handling union mounts

- multiple vulnerabilities existed in LibreSSL

- an input validation issue existed in OpenLDAP

- an issue existed in how Keychain Access interacted with Keychain Agent

Please see the references for more information on the vulnerabilities.

Vulnerability Impact:
Successful exploitation will allow attacker
to obtain sensitive information, execute arbitrary code, gain privileges,
cause a denial of service, to spoof, to bypass protection mechanism.

Affected Software/OS:
Apple Mac OS X versions 10.11 to 10.11.1,
10.9.x through 10.9.5 and 10.10.x through 10.10.5.

Solution:
Upgrade to Apple Mac OS X version
10.11.2 or later or apply security update 2015-005 for 10.10.x and security
update 2015-008 for 10.9.x. Please see the references for more information.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-7044
http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html
http://www.securitytracker.com/id/1034344
Common Vulnerability Exposure (CVE) ID: CVE-2015-7045
http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-7052
Common Vulnerability Exposure (CVE) ID: CVE-2015-7059
http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-7060
Common Vulnerability Exposure (CVE) ID: CVE-2015-7061
Common Vulnerability Exposure (CVE) ID: CVE-2015-7062
Common Vulnerability Exposure (CVE) ID: CVE-2015-7063
Common Vulnerability Exposure (CVE) ID: CVE-2015-7067
Common Vulnerability Exposure (CVE) ID: CVE-2015-7071
Common Vulnerability Exposure (CVE) ID: CVE-2015-7076
Common Vulnerability Exposure (CVE) ID: CVE-2015-7077
https://www.exploit-db.com/exploits/39368/
Common Vulnerability Exposure (CVE) ID: CVE-2015-7078
https://www.exploit-db.com/exploits/39370/
Common Vulnerability Exposure (CVE) ID: CVE-2015-7106
https://www.exploit-db.com/exploits/39369/
Common Vulnerability Exposure (CVE) ID: CVE-2015-7108
https://www.exploit-db.com/exploits/39372/
Common Vulnerability Exposure (CVE) ID: CVE-2015-7109
Common Vulnerability Exposure (CVE) ID: CVE-2015-7110
https://www.exploit-db.com/exploits/39365/
Common Vulnerability Exposure (CVE) ID: CVE-2015-7105
http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html
BugTraq ID: 78719
http://www.securityfocus.com/bid/78719
Common Vulnerability Exposure (CVE) ID: CVE-2015-7074
Common Vulnerability Exposure (CVE) ID: CVE-2015-7075
Common Vulnerability Exposure (CVE) ID: CVE-2015-7053
Common Vulnerability Exposure (CVE) ID: CVE-2011-2895
1025920
http://securitytracker.com/id?1025920
45544
http://secunia.com/advisories/45544
45568
http://secunia.com/advisories/45568
45599
http://secunia.com/advisories/45599
45986
http://secunia.com/advisories/45986
46127
http://secunia.com/advisories/46127
48951
http://secunia.com/advisories/48951
49124
http://www.securityfocus.com/bid/49124
APPLE-SA-2012-02-01-1
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
APPLE-SA-2012-05-09-1
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
APPLE-SA-2015-12-08-1
APPLE-SA-2015-12-08-2
APPLE-SA-2015-12-08-3
APPLE-SA-2015-12-08-4
DSA-2293
http://www.debian.org/security/2011/dsa-2293
MDVSA-2011:153
http://www.mandriva.com/security/advisories?name=MDVSA-2011:153
NetBSD-SA2011-007
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc
RHSA-2011:1154
http://www.redhat.com/support/errata/RHSA-2011-1154.html
RHSA-2011:1155
http://www.redhat.com/support/errata/RHSA-2011-1155.html
RHSA-2011:1161
http://www.redhat.com/support/errata/RHSA-2011-1161.html
RHSA-2011:1834
http://www.redhat.com/support/errata/RHSA-2011-1834.html
SUSE-SU-2011:1035
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html
USN-1191-1
http://www.ubuntu.com/usn/USN-1191-1
[oss-security] 20110810 LZW decompression issues
http://www.openwall.com/lists/oss-security/2011/08/10/10
[xorg-announce] 20110810 X.Org security advisory: libXfont LZW decompression heap corruption
http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html
[xorg-announce] 20110810 [ANNOUNCE] libXfont 1.4.4
http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html
http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0
http://support.apple.com/kb/HT5130
http://support.apple.com/kb/HT5281
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17
https://bugzilla.redhat.com/show_bug.cgi?id=725760
https://bugzilla.redhat.com/show_bug.cgi?id=727624
https://support.apple.com/HT205635
https://support.apple.com/HT205637
https://support.apple.com/HT205640
https://support.apple.com/HT205641
openSUSE-SU-2011:1299
http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html
xorg-lzw-bo(69141)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69141
Common Vulnerability Exposure (CVE) ID: CVE-2015-7115
Common Vulnerability Exposure (CVE) ID: CVE-2015-7116
Common Vulnerability Exposure (CVE) ID: CVE-2015-7064
Common Vulnerability Exposure (CVE) ID: CVE-2015-7065
Common Vulnerability Exposure (CVE) ID: CVE-2015-7066
Common Vulnerability Exposure (CVE) ID: CVE-2015-7107
Common Vulnerability Exposure (CVE) ID: CVE-2015-7058
Common Vulnerability Exposure (CVE) ID: CVE-2015-7803
BugTraq ID: 76959
http://www.securityfocus.com/bid/76959
Debian Security Information: DSA-3380 (Google Search)
http://www.debian.org/security/2015/dsa-3380
https://security.gentoo.org/glsa/201606-10
http://www.openwall.com/lists/oss-security/2015/10/05/8
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.461720
SuSE Security Announcement: SUSE-SU-2016:1145 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00052.html
SuSE Security Announcement: openSUSE-SU-2016:0251 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-01/msg00099.html
SuSE Security Announcement: openSUSE-SU-2016:0366 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00037.html
http://www.ubuntu.com/usn/USN-2786-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-7804
Common Vulnerability Exposure (CVE) ID: CVE-2015-7001
Common Vulnerability Exposure (CVE) ID: CVE-2015-7094
Common Vulnerability Exposure (CVE) ID: CVE-2015-7054
Common Vulnerability Exposure (CVE) ID: CVE-2015-7081
Common Vulnerability Exposure (CVE) ID: CVE-2015-7111
Common Vulnerability Exposure (CVE) ID: CVE-2015-7112
Common Vulnerability Exposure (CVE) ID: CVE-2015-7068
Common Vulnerability Exposure (CVE) ID: CVE-2015-7040
Common Vulnerability Exposure (CVE) ID: CVE-2015-7041
Common Vulnerability Exposure (CVE) ID: CVE-2015-7042
Common Vulnerability Exposure (CVE) ID: CVE-2015-7043
Common Vulnerability Exposure (CVE) ID: CVE-2015-7083
Common Vulnerability Exposure (CVE) ID: CVE-2015-7084
https://www.exploit-db.com/exploits/39357/
https://www.exploit-db.com/exploits/39366/
Common Vulnerability Exposure (CVE) ID: CVE-2015-7047
https://www.exploit-db.com/exploits/39371/
https://www.exploit-db.com/exploits/39373/
https://www.exploit-db.com/exploits/39374/
https://www.exploit-db.com/exploits/39375/
Common Vulnerability Exposure (CVE) ID: CVE-2015-7038
Common Vulnerability Exposure (CVE) ID: CVE-2015-7039
https://www.exploit-db.com/exploits/38917/
Common Vulnerability Exposure (CVE) ID: CVE-2012-0876
http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
BugTraq ID: 52379
http://www.securityfocus.com/bid/52379
Debian Security Information: DSA-2525 (Google Search)
http://www.debian.org/security/2012/dsa-2525
http://www.mandriva.com/security/advisories?name=MDVSA-2012:041
http://bugs.python.org/issue13703#msg151870
http://mail.libexpat.org/pipermail/expat-discuss/2012-March/002768.html
RedHat Security Advisories: RHSA-2012:0731
http://rhn.redhat.com/errata/RHSA-2012-0731.html
RedHat Security Advisories: RHSA-2016:0062
http://rhn.redhat.com/errata/RHSA-2016-0062.html
RedHat Security Advisories: RHSA-2016:2957
http://rhn.redhat.com/errata/RHSA-2016-2957.html
http://secunia.com/advisories/49504
http://secunia.com/advisories/51024
http://secunia.com/advisories/51040
http://www.ubuntu.com/usn/USN-1527-1
http://www.ubuntu.com/usn/USN-1613-1
http://www.ubuntu.com/usn/USN-1613-2
Common Vulnerability Exposure (CVE) ID: CVE-2012-1147
http://trac.wxwidgets.org/ticket/11194
http://trac.wxwidgets.org/ticket/11432
Common Vulnerability Exposure (CVE) ID: CVE-2012-1148
Common Vulnerability Exposure (CVE) ID: CVE-2015-6908
BugTraq ID: 76714
http://www.securityfocus.com/bid/76714
Debian Security Information: DSA-3356 (Google Search)
http://www.debian.org/security/2015/dsa-3356
RedHat Security Advisories: RHSA-2015:1840
http://rhn.redhat.com/errata/RHSA-2015-1840.html
http://www.securitytracker.com/id/1033534
SuSE Security Announcement: SUSE-SU-2016:0224 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html
SuSE Security Announcement: SUSE-SU-2016:0262 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html
SuSE Security Announcement: openSUSE-SU-2016:0226 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html
SuSE Security Announcement: openSUSE-SU-2016:0255 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html
SuSE Security Announcement: openSUSE-SU-2016:0261 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html
http://www.ubuntu.com/usn/USN-2742-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-5333
http://lists.opensuse.org/opensuse-updates/2015-10/msg00050.html
http://packetstormsecurity.com/files/133998/Qualys-Security-Advisory-LibreSSL-Leak-Overflow.html
http://www.securityfocus.com/archive/1/archive/1/536692/100/0/threaded
Common Vulnerability Exposure (CVE) ID: CVE-2015-5334
http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.3.1-relnotes.txt
http://seclists.org/fulldisclosure/2015/Oct/75
Common Vulnerability Exposure (CVE) ID: CVE-2015-7046
Common Vulnerability Exposure (CVE) ID: CVE-2015-7073
CopyrightCopyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.