ID de Prueba:	1.3.6.1.4.1.25623.1.0.810220
Categoría:	Mac OS X Local Security Checks
Título:	Apple Mac OS X Multiple Vulnerabilities-02 (Nov 2016)
Resumen:	Apple Mac OS X is prone to multiple vulnerabilities.
Descripción:	Summary: Apple Mac OS X is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - The windowServer does not prevent session creation by a sandboxed application. - A format string error in CoreServicesUIAgent. - The Intel Graphics Driver does not properly validate a certain pointer. - A buffer overflow error in ImageIO. - An improper implementation of power management. - The kernel places a kernel pointer into an XNU object data structure accessible from user space. - An error in Heimdal Kerberos. - An error in CFNetwork HTTPProtocol. - An error in IOKit Kernel. - An integer overflow issue existed in LibYAML's handling of YAML tags. - A heap-based buffer overflow issue error in Ruby. - An error in secure transport regarding renegotiation. Vulnerability Impact: Successful exploitation will allow attacker to execute arbitrary code or cause a denial of service (memory corruption), to gain sensitive information and to bypass certain protection mechanism and have other impacts. Affected Software/OS: Apple Mac OS X versions 10.9.x through 10.9.2 Solution: Updates are available. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-1314 http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html Common Vulnerability Exposure (CVE) ID: CVE-2014-1315 Common Vulnerability Exposure (CVE) ID: CVE-2014-1316 Common Vulnerability Exposure (CVE) ID: CVE-2014-1318 Common Vulnerability Exposure (CVE) ID: CVE-2014-1319 Common Vulnerability Exposure (CVE) ID: CVE-2014-1321 Common Vulnerability Exposure (CVE) ID: CVE-2014-1322 Common Vulnerability Exposure (CVE) ID: CVE-2014-1296 http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html Common Vulnerability Exposure (CVE) ID: CVE-2014-1320 Common Vulnerability Exposure (CVE) ID: CVE-2013-6393 http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html BugTraq ID: 65258 http://www.securityfocus.com/bid/65258 Debian Security Information: DSA-2850 (Google Search) http://www.debian.org/security/2014/dsa-2850 Debian Security Information: DSA-2870 (Google Search) http://www.debian.org/security/2014/dsa-2870 http://www.mandriva.com/security/advisories?name=MDVSA-2015:060 https://bugzilla.redhat.com/attachment.cgi?id=847926&action=diff http://osvdb.org/102716 RedHat Security Advisories: RHSA-2014:0353 http://rhn.redhat.com/errata/RHSA-2014-0353.html RedHat Security Advisories: RHSA-2014:0354 http://rhn.redhat.com/errata/RHSA-2014-0354.html RedHat Security Advisories: RHSA-2014:0355 http://rhn.redhat.com/errata/RHSA-2014-0355.html SuSE Security Announcement: openSUSE-SU-2014:0272 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-02/msg00064.html SuSE Security Announcement: openSUSE-SU-2014:0273 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-02/msg00065.html SuSE Security Announcement: openSUSE-SU-2015:0319 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-02/msg00078.html SuSE Security Announcement: openSUSE-SU-2016:1067 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-04/msg00050.html http://www.ubuntu.com/usn/USN-2098-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-4164 BugTraq ID: 63873 http://www.securityfocus.com/bid/63873 Debian Security Information: DSA-2809 (Google Search) http://www.debian.org/security/2013/dsa-2809 Debian Security Information: DSA-2810 (Google Search) http://www.debian.org/security/2013/dsa-2810 http://osvdb.org/100113 RedHat Security Advisories: RHSA-2013:1763 http://rhn.redhat.com/errata/RHSA-2013-1763.html RedHat Security Advisories: RHSA-2013:1764 http://rhn.redhat.com/errata/RHSA-2013-1764.html RedHat Security Advisories: RHSA-2013:1767 http://rhn.redhat.com/errata/RHSA-2013-1767.html RedHat Security Advisories: RHSA-2014:0011 http://rhn.redhat.com/errata/RHSA-2014-0011.html RedHat Security Advisories: RHSA-2014:0215 http://rhn.redhat.com/errata/RHSA-2014-0215.html http://secunia.com/advisories/55787 http://secunia.com/advisories/57376 SuSE Security Announcement: SUSE-SU-2013:1897 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00009.html SuSE Security Announcement: openSUSE-SU-2013:1834 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00027.html SuSE Security Announcement: openSUSE-SU-2013:1835 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-12/msg00028.html http://www.ubuntu.com/usn/USN-2035-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-1295 https://secure-resumption.com/
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.