Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.812400
Category:Mac OS X Local Security Checks
Title:Apple MacOSX Security Updates(HT208331, HT208394)-01
Summary:Apple Mac OS X is prone to multiple vulnerabilities.
Description:Summary:
Apple Mac OS X is prone to multiple vulnerabilities.

Vulnerability Insight:
The Security update resolves, a logic error
existed in the validation of credentials, an encryption issue existed with S/MIME
credentials, an inconsistent user interface issue and an error in systems with
microprocessors utilizing speculative execution, memory corruption issue,
input validation issue existed in the kernel, an out-of-bounds read error and
indirect branch prediction.

Vulnerability Impact:
Successful exploitation will allow remote
attackers to execute arbitrary code with kernel and system privileges. Also
attacker may be able to bypass administrator authentication without supplying
the administrator's password and also allow unauthorized disclosure of
information to an attacker with local user access via a side-channel analysis
of the data cache and can cause unexpected system termination.

Affected Software/OS:
Apple Mac OS X versions, 10.13.x through 10.13.1

Solution:
Upgrade to Apple Mac OS X 10.13.2 or later.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: BugTraq ID: 101981
BugTraq ID: 102378
BugTraq ID: 102097
BugTraq ID: 102099
BugTraq ID: 102100
Common Vulnerability Exposure (CVE) ID: CVE-2017-5754
http://www.securityfocus.com/bid/102378
BugTraq ID: 106128
http://www.securityfocus.com/bid/106128
CERT/CC vulnerability note: VU#180049
https://www.kb.cert.org/vuls/id/180049
CERT/CC vulnerability note: VU#584653
http://www.kb.cert.org/vuls/id/584653
Cisco Security Advisory: 20180104 CPU Side-Channel Information Disclosure Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel
Debian Security Information: DSA-4078 (Google Search)
https://www.debian.org/security/2018/dsa-4078
Debian Security Information: DSA-4082 (Google Search)
https://www.debian.org/security/2018/dsa-4082
Debian Security Information: DSA-4120 (Google Search)
https://www.debian.org/security/2018/dsa-4120
FreeBSD Security Advisory: FreeBSD-SA-18:03
https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc
https://security.gentoo.org/glsa/201810-06
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
https://meltdownattack.com/
https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://lists.debian.org/debian-lts-announce/2018/01/msg00004.html
RedHat Security Advisories: RHSA-2018:0292
https://access.redhat.com/errata/RHSA-2018:0292
http://www.securitytracker.com/id/1040071
SuSE Security Announcement: SUSE-SU-2018:0010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html
SuSE Security Announcement: SUSE-SU-2018:0011 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
SuSE Security Announcement: SUSE-SU-2018:0012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html
SuSE Security Announcement: openSUSE-SU-2018:0022 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html
SuSE Security Announcement: openSUSE-SU-2018:0023 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html
https://usn.ubuntu.com/usn/usn-3516-1/
https://usn.ubuntu.com/usn/usn-3522-2/
https://usn.ubuntu.com/3522-3/
https://usn.ubuntu.com/3522-4/
https://usn.ubuntu.com/3523-1/
https://usn.ubuntu.com/usn/usn-3523-2/
https://usn.ubuntu.com/usn/usn-3524-2/
https://usn.ubuntu.com/usn/usn-3525-1/
https://usn.ubuntu.com/3540-2/
https://usn.ubuntu.com/3541-2/
https://usn.ubuntu.com/3583-1/
https://usn.ubuntu.com/3597-1/
https://usn.ubuntu.com/3597-2/
Common Vulnerability Exposure (CVE) ID: CVE-2017-7163
Common Vulnerability Exposure (CVE) ID: CVE-2017-7155
Common Vulnerability Exposure (CVE) ID: CVE-2017-7171
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.