ID de Prueba:	1.3.6.1.4.1.25623.1.0.811960
Categoría:	Mac OS X Local Security Checks
Título:	Apple Mac OS X Multiple Code Execution Vulnerabilities (HT208221)
Resumen:	Apple Mac OS X is prone to multiple code execution vulnerabilities.
Descripción:	Summary: Apple Mac OS X is prone to multiple code execution vulnerabilities. Vulnerability Insight: Multiple flaws are due to, - Multiple memory corruption issues in libxpc component. - Multiple issues in Apache. For more information about the vulnerabilities refer to Reference links. Vulnerability Impact: Successful exploitation of these vulnerabilities allow remote attackers to execute arbitrary code, bypass security restrictions, disclose sensitive information and cause a denial of service on affected system. Affected Software/OS: Apple Mac OS X version 10.12.x through 10.12.6 prior to Security Update 2017-001 Sierra, and 10.11.x through 10.11.6 prior to Security Update 2017-004 El Capitan. Solution: Apply appropriate security patch from the vendor. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-13832 http://www.securitytracker.com/id/1039710 Common Vulnerability Exposure (CVE) ID: CVE-2016-2161 BugTraq ID: 95076 http://www.securityfocus.com/bid/95076 Debian Security Information: DSA-3796 (Google Search) http://www.debian.org/security/2017/dsa-3796 https://security.gentoo.org/glsa/201701-36 https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rd336919f655b7ff309385e34a143e41c503e133da80414485b3abcc9@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E RedHat Security Advisories: RHSA-2017:0906 https://access.redhat.com/errata/RHSA-2017:0906 RedHat Security Advisories: RHSA-2017:1161 https://access.redhat.com/errata/RHSA-2017:1161 RedHat Security Advisories: RHSA-2017:1413 https://access.redhat.com/errata/RHSA-2017:1413 RedHat Security Advisories: RHSA-2017:1414 https://access.redhat.com/errata/RHSA-2017:1414 RedHat Security Advisories: RHSA-2017:1415 http://rhn.redhat.com/errata/RHSA-2017-1415.html http://www.securitytracker.com/id/1037508 Common Vulnerability Exposure (CVE) ID: CVE-2016-5387 BugTraq ID: 91816 http://www.securityfocus.com/bid/91816 CERT/CC vulnerability note: VU#797896 http://www.kb.cert.org/vuls/id/797896 Debian Security Information: DSA-3623 (Google Search) http://www.debian.org/security/2016/dsa-3623 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPQAPWQA774JPDRV4UIB2SZAX6D3UZCV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NEKZAB7MTWVSMORHTEMCQNFFMIHCYF76/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WCTE7443AYZ4EGELWLVNANA2WJCJIYI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TGNHXJJSWDXAOEYH5TMXDPQVJMQQJOAZ/ https://httpoxy.org/ https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E RedHat Security Advisories: RHSA-2016:1420 https://access.redhat.com/errata/RHSA-2016:1420 RedHat Security Advisories: RHSA-2016:1421 https://access.redhat.com/errata/RHSA-2016:1421 RedHat Security Advisories: RHSA-2016:1422 https://access.redhat.com/errata/RHSA-2016:1422 RedHat Security Advisories: RHSA-2016:1624 http://rhn.redhat.com/errata/RHSA-2016-1624.html RedHat Security Advisories: RHSA-2016:1625 http://rhn.redhat.com/errata/RHSA-2016-1625.html RedHat Security Advisories: RHSA-2016:1635 https://access.redhat.com/errata/RHSA-2016:1635 RedHat Security Advisories: RHSA-2016:1636 https://access.redhat.com/errata/RHSA-2016:1636 RedHat Security Advisories: RHSA-2016:1648 http://rhn.redhat.com/errata/RHSA-2016-1648.html RedHat Security Advisories: RHSA-2016:1649 http://rhn.redhat.com/errata/RHSA-2016-1649.html RedHat Security Advisories: RHSA-2016:1650 http://rhn.redhat.com/errata/RHSA-2016-1650.html RedHat Security Advisories: RHSA-2016:1851 https://access.redhat.com/errata/RHSA-2016:1851 http://www.securitytracker.com/id/1036330 SuSE Security Announcement: openSUSE-SU-2016:1824 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-07/msg00059.html http://www.ubuntu.com/usn/USN-3038-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-8740 BugTraq ID: 94650 http://www.securityfocus.com/bid/94650 https://www.exploit-db.com/exploits/40909/ http://packetstormsecurity.com/files/140023/Apache-HTTPD-Web-Server-2.4.23-Memory-Exhaustion.html http://www.securitytracker.com/id/1037388 Common Vulnerability Exposure (CVE) ID: CVE-2016-8743 BugTraq ID: 95077 http://www.securityfocus.com/bid/95077 https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/rfcb6c7b9e7ca727a7eeeb5f13f89488a03981cfa0e7c3125f18fa239@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r4fe84db67fe9dc906c6185e58bbd9913f4356dd555a5c3db490694e5@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r94284b139540e5287ebdd3450682d3e3d187263dd6b75af8fa7d4890@%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r09b8a39d1262adbab5528eea73df1b1f93e919bf004ed5a843d9cad1@%3Ccvs.httpd.apache.org%3E RedHat Security Advisories: RHSA-2017:1721 https://access.redhat.com/errata/RHSA-2017:1721 Common Vulnerability Exposure (CVE) ID: CVE-2017-3167 BugTraq ID: 99135 http://www.securityfocus.com/bid/99135 Debian Security Information: DSA-3896 (Google Search) http://www.debian.org/security/2017/dsa-3896 https://security.gentoo.org/glsa/201710-32 https://lists.apache.org/thread.html/8409e41a8f7dd9ded37141c38df001be930115428c3d64f70bbdb8b4@%3Cdev.httpd.apache.org%3E RedHat Security Advisories: RHSA-2017:2478 https://access.redhat.com/errata/RHSA-2017:2478 RedHat Security Advisories: RHSA-2017:2479 https://access.redhat.com/errata/RHSA-2017:2479 RedHat Security Advisories: RHSA-2017:2483 https://access.redhat.com/errata/RHSA-2017:2483 RedHat Security Advisories: RHSA-2017:3193 https://access.redhat.com/errata/RHSA-2017:3193 RedHat Security Advisories: RHSA-2017:3194 https://access.redhat.com/errata/RHSA-2017:3194 RedHat Security Advisories: RHSA-2017:3195 https://access.redhat.com/errata/RHSA-2017:3195 RedHat Security Advisories: RHSA-2017:3475 https://access.redhat.com/errata/RHSA-2017:3475 RedHat Security Advisories: RHSA-2017:3476 https://access.redhat.com/errata/RHSA-2017:3476 RedHat Security Advisories: RHSA-2017:3477 https://access.redhat.com/errata/RHSA-2017:3477 http://www.securitytracker.com/id/1038711 Common Vulnerability Exposure (CVE) ID: CVE-2017-3169 BugTraq ID: 99134 http://www.securityfocus.com/bid/99134 https://github.com/gottburgm/Exploits/tree/master/CVE-2017-3169 https://lists.apache.org/thread.html/84bf7fcc5cad35d355f11839cbdd13cbc5ffc1d34675090bff0f96ae@%3Cdev.httpd.apache.org%3E https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770@%3Ccvs.httpd.apache.org%3E Common Vulnerability Exposure (CVE) ID: CVE-2017-7659 BugTraq ID: 99132 http://www.securityfocus.com/bid/99132 https://lists.apache.org/thread.html/1d0b746bbaa3a64890fcdab59ee9050aaa633b7143e7d412374e5a9a@%3Cannounce.httpd.apache.org%3E https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c@%3Ccvs.httpd.apache.org%3E Common Vulnerability Exposure (CVE) ID: CVE-2017-7668 BugTraq ID: 99137 http://www.securityfocus.com/bid/99137 https://lists.apache.org/thread.html/55a068b6a5eec0b3198ae7d96a7cb412352d0ffa7716612c5af3745b@%3Cdev.httpd.apache.org%3E Common Vulnerability Exposure (CVE) ID: CVE-2017-7679 BugTraq ID: 99170 http://www.securityfocus.com/bid/99170 https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679 https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751@%3Cdev.httpd.apache.org%3E Common Vulnerability Exposure (CVE) ID: CVE-2017-9788 BugTraq ID: 99569 http://www.securityfocus.com/bid/99569 Debian Security Information: DSA-3913 (Google Search) http://www.debian.org/security/2017/dsa-3913 https://lists.apache.org/thread.html/0dd69204a6bd643cc4e9ccd008f07a9375525d977c6ebeb07a881afb@%3Cannounce.httpd.apache.org%3E https://lists.apache.org/thread.html/r8c9983f1172a3415f915ddb7e14de632d2d0c326eb1285755a024165@%3Ccvs.httpd.apache.org%3E RedHat Security Advisories: RHSA-2017:2708 https://access.redhat.com/errata/RHSA-2017:2708 RedHat Security Advisories: RHSA-2017:2709 https://access.redhat.com/errata/RHSA-2017:2709 RedHat Security Advisories: RHSA-2017:2710 https://access.redhat.com/errata/RHSA-2017:2710 RedHat Security Advisories: RHSA-2017:3113 https://access.redhat.com/errata/RHSA-2017:3113 RedHat Security Advisories: RHSA-2017:3114 https://access.redhat.com/errata/RHSA-2017:3114 RedHat Security Advisories: RHSA-2017:3239 https://access.redhat.com/errata/RHSA-2017:3239 RedHat Security Advisories: RHSA-2017:3240 https://access.redhat.com/errata/RHSA-2017:3240 http://www.securitytracker.com/id/1038906 Common Vulnerability Exposure (CVE) ID: CVE-2017-9789 BugTraq ID: 99568 http://www.securityfocus.com/bid/99568 https://lists.apache.org/thread.html/9d0098775bd83cf7c33ac5a077ef412c14ce939198921e639c734e20@%3Cannounce.httpd.apache.org%3E http://www.securitytracker.com/id/1038907 Common Vulnerability Exposure (CVE) ID: CVE-2017-13825 Common Vulnerability Exposure (CVE) ID: CVE-2017-13809 Common Vulnerability Exposure (CVE) ID: CVE-2017-13820 Common Vulnerability Exposure (CVE) ID: CVE-2017-13821 Common Vulnerability Exposure (CVE) ID: CVE-2017-13815 Common Vulnerability Exposure (CVE) ID: CVE-2017-13828 Common Vulnerability Exposure (CVE) ID: CVE-2017-13811 Common Vulnerability Exposure (CVE) ID: CVE-2017-13830 Common Vulnerability Exposure (CVE) ID: CVE-2017-11103 BugTraq ID: 99551 http://www.securityfocus.com/bid/99551 Debian Security Information: DSA-3912 (Google Search) http://www.debian.org/security/2017/dsa-3912 FreeBSD Security Advisory: FreeBSD-SA-17:05 https://www.freebsd.org/security/advisories/FreeBSD-SA-17:05.heimdal.asc https://www.orpheus-lyre.info/ http://www.securitytracker.com/id/1038876 http://www.securitytracker.com/id/1039427 Common Vulnerability Exposure (CVE) ID: CVE-2017-13819 Common Vulnerability Exposure (CVE) ID: CVE-2017-13814 Common Vulnerability Exposure (CVE) ID: CVE-2017-13831 Common Vulnerability Exposure (CVE) ID: CVE-2017-13810 Common Vulnerability Exposure (CVE) ID: CVE-2017-13817 Common Vulnerability Exposure (CVE) ID: CVE-2017-13818 Common Vulnerability Exposure (CVE) ID: CVE-2017-13836 Common Vulnerability Exposure (CVE) ID: CVE-2017-13841 Common Vulnerability Exposure (CVE) ID: CVE-2017-13840 Common Vulnerability Exposure (CVE) ID: CVE-2017-13842 Common Vulnerability Exposure (CVE) ID: CVE-2017-13782 http://packetstormsecurity.com/files/172827/Apple-XNU-Kernel-Memory-Exposure.html https://lgtm.com/blog/apple_xnu_dtrace_CVE-2017-13782 Common Vulnerability Exposure (CVE) ID: CVE-2017-13843 Common Vulnerability Exposure (CVE) ID: CVE-2017-13813 Common Vulnerability Exposure (CVE) ID: CVE-2017-13816 Common Vulnerability Exposure (CVE) ID: CVE-2017-13812 Common Vulnerability Exposure (CVE) ID: CVE-2016-4736 http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html BugTraq ID: 93055 http://www.securityfocus.com/bid/93055 http://www.securitytracker.com/id/1036858 Common Vulnerability Exposure (CVE) ID: CVE-2017-13824 Common Vulnerability Exposure (CVE) ID: CVE-2017-13846 Common Vulnerability Exposure (CVE) ID: CVE-2017-13826 Common Vulnerability Exposure (CVE) ID: CVE-2017-13822 Common Vulnerability Exposure (CVE) ID: CVE-2017-7132 Common Vulnerability Exposure (CVE) ID: CVE-2017-13823 Common Vulnerability Exposure (CVE) ID: CVE-2017-13808 Common Vulnerability Exposure (CVE) ID: CVE-2017-13838 Common Vulnerability Exposure (CVE) ID: CVE-2016-0736 BugTraq ID: 95078 http://www.securityfocus.com/bid/95078 https://www.exploit-db.com/exploits/40961/
Copyright	Copyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.