|Category:||Mac OS X Local Security Checks|
|Title:||Microsoft PowerShell Core DoS And Security Feature Bypass Vulnerabilities (MacOSX)|
|Summary:||This host is missing an important security; update for PowerShell Core according to Microsoft security update January 2018.|
This host is missing an important security
update for PowerShell Core according to Microsoft security update January 2018.
Multiple flaws are due to:
- An error in the open source versions of PowerShell Core when improper
processing of XML documents by .NET Core occurs.
- An error in the open source versions of PowerShell Core where an attacker
could present a certificate that is marked invalid for a specific use,
but a .NET Core component uses it for that purpose. This action disregards
the Enhanced Key Usage tagging.
Successful exploitation will allow remote
attackers to cause a denial of service to an application using PowerShell
to process requests and also to bypass security.
PowerShell Core version 6.0.0 before 6.0.1
Update PowerShell Core to version 6.0.1 or
Common Vulnerability Exposure (CVE) ID: CVE-2018-0764|
BugTraq ID: 102387
RedHat Security Advisories: RHSA-2018:0379
Common Vulnerability Exposure (CVE) ID: CVE-2018-0786
BugTraq ID: 102380
|Copyright||Copyright (C) 2018 Greenbone Networks GmbH|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.