Mac OS X Local Security Checks : Apple Mac OS X Security Update (HT212177)-02

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.826549

Categoría: Mac OS X Local Security Checks

Título: Apple Mac OS X Security Update (HT212177)-02

Resumen: Apple Mac OS X is prone to multiple; code execution vulnerabilities.

Descripción: Summary:
Apple Mac OS X is prone to multiple
code execution vulnerabilities.

Vulnerability Insight:
The flaw is due to vulnerable sudo version.

Vulnerability Impact:
Successful exploitation will allow attackers
to elevate their privileges.

Affected Software/OS:
Apple Mac OS X Big Sur 11.2, macOS Catalina 10.15.x
prior to macOS Catalina 10.15.7 Supplemental Update, macOS Mojave 10.14.x
prior to macOS Mojave 10.14.6 Security Update 2021-002.

Solution:
Upgrade to version 11.2.1 or apply
macOS Catalina 10.15.7 Supplemental Update for 10.15.x or apply Security Update 2021-002
for macOS Mojave 10.14.x. Please see the references for more information.

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2021-3156
CERT/CC vulnerability note: VU#794544
https://www.kb.cert.org/vuls/id/794544
Cisco Security Advisory: 20210129 Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM
https://kc.mcafee.com/corporate/index?page=content&id=SB10348
https://security.netapp.com/advisory/ntap-20210128-0001/
https://security.netapp.com/advisory/ntap-20210128-0002/
https://support.apple.com/kb/HT212177
https://www.sudo.ws/stable.html#1.9.5p2
https://www.synology.com/security/advisory/Synology_SA_21_02
Debian Security Information: DSA-4839 (Google Search)
https://www.debian.org/security/2021/dsa-4839
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/
http://seclists.org/fulldisclosure/2021/Jan/79
http://seclists.org/fulldisclosure/2021/Feb/42
http://seclists.org/fulldisclosure/2024/Feb/3
https://security.gentoo.org/glsa/202101-33
http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html
http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html
http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html
http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html
http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html
https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability
https://www.openwall.com/lists/oss-security/2021/01/26/3
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html
http://www.openwall.com/lists/oss-security/2021/01/26/3
http://www.openwall.com/lists/oss-security/2021/01/27/1
http://www.openwall.com/lists/oss-security/2021/01/27/2
http://www.openwall.com/lists/oss-security/2021/02/15/1
http://www.openwall.com/lists/oss-security/2021/09/14/2
http://www.openwall.com/lists/oss-security/2024/01/30/6
http://www.openwall.com/lists/oss-security/2024/01/30/8

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.826549
Categoría:	Mac OS X Local Security Checks
Título:	Apple Mac OS X Security Update (HT212177)-02
Resumen:	Apple Mac OS X is prone to multiple; code execution vulnerabilities.
Descripción:	Summary: Apple Mac OS X is prone to multiple code execution vulnerabilities. Vulnerability Insight: The flaw is due to vulnerable sudo version. Vulnerability Impact: Successful exploitation will allow attackers to elevate their privileges. Affected Software/OS: Apple Mac OS X Big Sur 11.2, macOS Catalina 10.15.x prior to macOS Catalina 10.15.7 Supplemental Update, macOS Mojave 10.14.x prior to macOS Mojave 10.14.6 Security Update 2021-002. Solution: Upgrade to version 11.2.1 or apply macOS Catalina 10.15.7 Supplemental Update for 10.15.x or apply Security Update 2021-002 for macOS Mojave 10.14.x. Please see the references for more information. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2021-3156 CERT/CC vulnerability note: VU#794544 https://www.kb.cert.org/vuls/id/794544 Cisco Security Advisory: 20210129 Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sudo-privesc-jan2021-qnYQfcM https://kc.mcafee.com/corporate/index?page=content&id=SB10348 https://security.netapp.com/advisory/ntap-20210128-0001/ https://security.netapp.com/advisory/ntap-20210128-0002/ https://support.apple.com/kb/HT212177 https://www.sudo.ws/stable.html#1.9.5p2 https://www.synology.com/security/advisory/Synology_SA_21_02 Debian Security Information: DSA-4839 (Google Search) https://www.debian.org/security/2021/dsa-4839 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LHXK6ICO5AYLGFK2TAX5MZKUXTUKWOJY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CALA5FTXIQBRRYUA2ZQNJXB6OQMAXEII/ http://seclists.org/fulldisclosure/2021/Jan/79 http://seclists.org/fulldisclosure/2021/Feb/42 http://seclists.org/fulldisclosure/2024/Feb/3 https://security.gentoo.org/glsa/202101-33 http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html http://packetstormsecurity.com/files/161160/Sudo-Heap-Based-Buffer-Overflow.html http://packetstormsecurity.com/files/161230/Sudo-Buffer-Overflow-Privilege-Escalation.html http://packetstormsecurity.com/files/161270/Sudo-1.9.5p1-Buffer-Overflow-Privilege-Escalation.html http://packetstormsecurity.com/files/161293/Sudo-1.8.31p2-1.9.5p1-Buffer-Overflow.html https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability https://www.openwall.com/lists/oss-security/2021/01/26/3 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpuoct2021.html https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html http://www.openwall.com/lists/oss-security/2021/01/26/3 http://www.openwall.com/lists/oss-security/2021/01/27/1 http://www.openwall.com/lists/oss-security/2021/01/27/2 http://www.openwall.com/lists/oss-security/2021/02/15/1 http://www.openwall.com/lists/oss-security/2021/09/14/2 http://www.openwall.com/lists/oss-security/2024/01/30/6 http://www.openwall.com/lists/oss-security/2024/01/30/8
Copyright	Copyright (C) 2022 Greenbone AG