|Category:||Mac OS X Local Security Checks|
|Title:||Apple Mac OS X Keychain Certificate Settings Security Bypass Vulnerability|
|Summary:||This host is installed with Mac OS X and is prone to a security; bypass vulnerability.|
This host is installed with Mac OS X and is prone to a security
The flaw is due to an error in the implementation of Certificate
Trust Policy, which allows attacker to bypass KeyChain security settings to accept
an Extended Validation certificate as valid.
Successful exploitation could allow attackers to bypass security
restrictions and launch further attacks on the system.
Mac OS X version 10.6 to 10.6.8
Mac OS X Server version 10.6 to 10.6.8.
Upgrade to Mac OS X version 10.7.3 or later.
BugTraq ID: 49429|
Common Vulnerability Exposure (CVE) ID: CVE-2011-3422
XForce ISS Database: macos-keychain-sec-bypass(69556)
|Copyright||Copyright (C) 2011 Greenbone Networks GmbH|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.