Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Summary | |
|---|---|
| Title | Apple Updates for Multiple Vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | TA08-079A | First vendor Publication | 2008-03-19 |
| Vendor | US-CERT | Last vendor Modification | 2008-03-19 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Apple has released the Apple Security Update 2008-002 and Apple Safari I. Description Apple Security Update 2008-002 and Apple Safari 3.1 to address a number of vulnerabilities affecting Apple Mac OS X, OS X Server, and Safari. Further details are available in the US-CERT Vulnerability Notes Database. II. Impact The impacts of these vulnerabilities vary. Potential consequences include arbitrary code execution, sensitive information disclosure, cross-site scripting, and denial of service. III. Solution Install updates from Apple Install Apple Security Update 2008-002. These and other updates are available via Software Update or via Apple Downloads. |
Original Source
| Url : http://www.us-cert.gov/cas/techalerts/TA08-079A.html |
CAPEC : Common Attack Pattern Enumeration & Classification
| Id | Name |
|---|---|
| CAPEC-26 | Leveraging Race Conditions |
| CAPEC-29 | Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 22 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 22 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
| 20 % | CWE-200 | Information Exposure |
| 10 % | CWE-264 | Permissions, Privileges, and Access Controls |
| 7 % | CWE-362 | Race Condition |
| 7 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
| 5 % | CWE-20 | Improper Input Validation |
| 2 % | CWE-255 | Credentials Management |
| 2 % | CWE-134 | Uncontrolled Format String (CWE/SANS Top 25) |
| 2 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:10085 | |||
| Oval ID: | oval:org.mitre.oval:def:10085 | ||
| Title: | Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions. | ||
| Description: | Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-0047 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:10356 | |||
| Oval ID: | oval:org.mitre.oval:def:10356 | ||
| Title: | Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file. | ||
| Description: | Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-0053 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-02-12 | Name : Gentoo Security Advisory GLSA 201201-05 (mDNSResponder) File : nvt/glsa_201201_05.nasl |
| 2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
| 2009-10-13 | Name : SLES10: Security update for CUPS File : nvt/sles10_cups4.nasl |
| 2009-10-10 | Name : SLES9: Security update for CUPS File : nvt/sles9p5023036.nasl |
| 2009-04-09 | Name : Mandriva Update for cups MDVSA-2008:081 (cups) File : nvt/gb_mandriva_MDVSA_2008_081.nasl |
| 2009-03-23 | Name : Ubuntu Update for cupsys vulnerabilities USN-598-1 File : nvt/gb_ubuntu_USN_598_1.nasl |
| 2009-03-06 | Name : RedHat Update for cups RHSA-2008:0206-01 File : nvt/gb_RHSA-2008_0206-01_cups.nasl |
| 2009-03-06 | Name : RedHat Update for cups RHSA-2008:0192-01 File : nvt/gb_RHSA-2008_0192-01_cups.nasl |
| 2009-02-27 | Name : CentOS Update for cups CESA-2008:0206 centos4 x86_64 File : nvt/gb_CESA-2008_0206_cups_centos4_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for cups CESA-2008:0206 centos4 i386 File : nvt/gb_CESA-2008_0206_cups_centos4_i386.nasl |
| 2009-02-27 | Name : CentOS Update for cups CESA-2008:0206 centos3 x86_64 File : nvt/gb_CESA-2008_0206_cups_centos3_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for cups CESA-2008:0206 centos3 i386 File : nvt/gb_CESA-2008_0206_cups_centos3_i386.nasl |
| 2009-02-17 | Name : Fedora Update for WebKit FEDORA-2008-3415 File : nvt/gb_fedora_2008_3415_WebKit_fc7.nasl |
| 2009-02-17 | Name : Fedora Update for blender FEDORA-2008-9447 File : nvt/gb_fedora_2008_9447_blender_fc9.nasl |
| 2009-02-17 | Name : Fedora Update for blender FEDORA-2008-9411 File : nvt/gb_fedora_2008_9411_blender_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for cups FEDORA-2008-8801 File : nvt/gb_fedora_2008_8801_cups_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for cups FEDORA-2008-3586 File : nvt/gb_fedora_2008_3586_cups_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for cups FEDORA-2008-3449 File : nvt/gb_fedora_2008_3449_cups_fc7.nasl |
| 2009-02-17 | Name : Fedora Update for midori FEDORA-2008-3415 File : nvt/gb_fedora_2008_3415_midori_fc7.nasl |
| 2009-02-17 | Name : Fedora Update for midori FEDORA-2008-3229 File : nvt/gb_fedora_2008_3229_midori_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for kazehakase FEDORA-2008-3229 File : nvt/gb_fedora_2008_3229_kazehakase_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for WebKit FEDORA-2008-3229 File : nvt/gb_fedora_2008_3229_WebKit_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for cups FEDORA-2008-2897 File : nvt/gb_fedora_2008_2897_cups_fc7.nasl |
| 2009-02-16 | Name : Fedora Update for cups FEDORA-2008-2131 File : nvt/gb_fedora_2008_2131_cups_fc8.nasl |
| 2009-02-16 | Name : Fedora Update for cups FEDORA-2008-10911 File : nvt/gb_fedora_2008_10911_cups_fc8.nasl |
| 2009-01-23 | Name : SuSE Update for cups SUSE-SA:2008:015 File : nvt/gb_suse_2008_015.nasl |
| 2009-01-23 | Name : SuSE Update for cups SUSE-SA:2008:020 File : nvt/gb_suse_2008_020.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200804-01 (cups) File : nvt/glsa_200804_01.nasl |
| 2008-08-15 | Name : Debian Security Advisory DSA 1625-1 (cupsys) File : nvt/deb_1625_1.nasl |
| 2008-06-17 | Name : Cups < 1.3.8 vulnerability File : nvt/cups_CB-A08-0045.nasl |
| 2008-03-27 | Name : Debian Security Advisory DSA 1530-1 (cupsys) File : nvt/deb_1530_1.nasl |
| 0000-00-00 | Name : Slackware Advisory SSA:2008-094-01 cups File : nvt/esoft_slk_ssa_2008_094_01.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 43546 | Apple Mac OS X AppKit Legacy Serialization Format Parser Property List Handli... Multiple unspecified overflows exist in Mac OS X. AppKit fails to validate property lists resulting in integer overflows. With a specially crafted serialized property list, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
| 43406 | Apple Mac OS X AppKit Crafted PPD File Handling Overflow A buffer overflow exists in Mac OS X. AppKit fails to validate PPD files resulting in a stack overflow. With a specially crafted PPD file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity. |
| 43405 | Apple Safari Error Page Crafted URL XSS |
| 43399 | Apple Mac OS X Universal Disc Format (UDF) Handling DoS Mac OS X contains a flaw that may allow a denial of service. The issue is triggered when by a null dereference issue in the handling of UDF files, and will result in loss of availability for the platform. |
| 43398 | Apple Mac OS X System Configuration Component NetCfgTool Distributed Object H... Mac OS X contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when distributed objects used by NetCFGTool are sent a maliciously crafted message, which causes the objects to bypass authentication. This flaw may lead to a loss of integrity. |
| 43397 | Apple Mac OS X Printing Component Authenticated Print Queue Local Password Di... Mac OS X contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to passwords which have been saved to disk when starting a job on an authenticated print queue, which may lead to a loss of confidentiality. |
| 43396 | Apple Mac OS X Printing Component Printed Encrypted PDF File Encryption Weakness Mac OS X contains a flaw that may lead to an unauthorized information disclosure. Â The issue is triggered when using the 'Print to PDF' feature to create an encrypted PDF, which uses 40-bit RC4 encryption and may be defeated by an attacker with sufficient computing power. |
| 43395 | Apple Mac OS X Preview Saved Encrypted PDF File Encryption Weakness Mac OS X contains a flaw that may allow a malicious user to access the content of an encrypted PDF file without the password. The issue is triggered when Preview is used to create a PDF file, which uses 40-bit RC-4 encryption. It is possible that the flaw may allow an attacker with significant computing resources to decrypt the file, resulting in a loss of confidentiality. |
| 43394 | Apple Mac OS X Podcast Producer Podcast Capture Process Listing Local Passwor... |
| 43393 | Apple Mac OS X pax Archive Handling Array Index Error Arbitrary Code Execution |
| 43392 | Apple Mac OS X notifyd Spoofed Port Death Notification Local DoS |
| 43391 | Apple Mac OS X mDNSResponderHelper hostname Local Format String |
| 43390 | Apple Mac OS X libc Libsystem strnstr API Crafted Argument Off-by-one Mac OS X contains a flaw that may allow a denial of service. The issue is triggered when an application using the strnstr API reads one byte beyond the limit specified by the user, and will result in loss of availability for the application. |
| 43389 | Apple Multiple Products Image Raw Adobe Digital Negative (DNG) Image Handlin... |
| 43388 | Apple Mac OS X Help Viewer help:topic_list URL Arbitrary Applescript Execution |
| 43387 | Apple Mac OS X Foundation NSXML XML File Handling Arbitrary Code Execution |
| 43386 | Apple Mac OS X Foundation NSURLConnection Cache Management Functionality Unsp... |
| 43385 | Apple Mac OS X Foundation NSFileManager Structure Handling Overflow |
| 43384 | Apple Mac OS X Foundation NSFileManager File Creation Race Condition Privileg... |
| 43383 | Apple Mac OS X Foundation NSSelectorFromString API Selector Name Arbitrary Co... |
| 43382 | CUPS Multiple HP-GL/2-to-PostScript Unspecified Input Validation Issues Multiple unspecified overflows exist in CUPS. The HP-GL/2-to-Postcript filter fails to validate unspecified inputs resulting in a buffer overflows. With a specially crafted HP-GL/2 file, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
| 43381 | Apple Mac OS X CoreServices .ief File Trust Security Bypass |
| 43380 | Apple Mac OS X CoreFoundation Time Zone Data Handling Local Overflow |
| 43379 | Apple Mac OS X CFNetwork 502 Bad Gateway Error Secure Site Spoofing Mac OS X contains a flaw that may allow a malicious user to spoof content from an SSL-protected comunication. The issue is triggered when Safari accepts arbitrary data in a 502 Gateway Error from an HTTPS proxy. It is possible that the flaw may allow a malicious HTTPS proxy operator to spoof content resulting in a loss of integrity. |
| 43378 | Apple Mac OS X AppKit NSApplication Port Crafted Message Local Privilege Esca... |
| 43377 | Apple Mac OS X AppKit NSDocument API Filename Handling Overflow |
| 43376 | CUPS CGI Backend IPP Request Search Expression Handling (cgiCompileSearch) Re... |
| 43375 | Apple Mac OS X Application Firewall German Translation Configuration Weakness |
| 43374 | Apple Mac OS X AFP Server Kerberos Principal Realm Name Unspecified Cross-rea... |
| 43373 | Apple Mac OS X AFP Client afp:// URL Handling Multiple Overflows |
| 43368 | Apple Safari WebKit Cross-frame Method Instance XSS |
| 43367 | Apple Safari WebKit JavaScript Crafted Regex Handling Remote Overflow |
| 43366 | Apple Safari WebCore History Object Modification XSS |
| 43365 | Apple Safari WebCore document.domain Property XSS |
| 43364 | Apple Safari WebCore Java Applet Frame Navigation Policy Bypass |
| 43363 | Apple Safari WebCore window.open Function Page Security Context Modification XSS |
| 43362 | Apple Safari WebCore Kotoeri Input Method Password Disclosure |
| 43361 | Apple Safari WebCore Web Inspector Unspecified XSS |
| 43360 | Apple Safari WebCore document.domain property Unspecified XSS |
| 43359 | Apple Safari Crafted javascript: URL XSS |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | CUPS server query metacharacter buffer overflow attempt RuleID : 16072 - Revision : 9 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0206.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0192.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080401_cups_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
| 2012-01-23 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201201-05.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0192.nasl - Type : ACT_GATHER_INFO |
| 2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12117.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-081.nasl - Type : ACT_GATHER_INFO |
| 2008-08-01 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1625.nasl - Type : ACT_GATHER_INFO |
| 2008-05-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3449.nasl - Type : ACT_GATHER_INFO |
| 2008-05-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3586.nasl - Type : ACT_GATHER_INFO |
| 2008-05-01 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-3415.nasl - Type : ACT_GATHER_INFO |
| 2008-04-25 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-3229.nasl - Type : ACT_GATHER_INFO |
| 2008-04-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2131.nasl - Type : ACT_GATHER_INFO |
| 2008-04-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2897.nasl - Type : ACT_GATHER_INFO |
| 2008-04-04 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200804-01.nasl - Type : ACT_GATHER_INFO |
| 2008-04-04 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0206.nasl - Type : ACT_GATHER_INFO |
| 2008-04-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0192.nasl - Type : ACT_GATHER_INFO |
| 2008-04-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0206.nasl - Type : ACT_GATHER_INFO |
| 2008-04-04 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2008-094-01.nasl - Type : ACT_GATHER_INFO |
| 2008-04-04 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_cups-5115.nasl - Type : ACT_GATHER_INFO |
| 2008-04-04 | Name : The remote openSUSE host is missing a security update. File : suse_cups-5117.nasl - Type : ACT_GATHER_INFO |
| 2008-04-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-598-1.nasl - Type : ACT_GATHER_INFO |
| 2008-04-03 | Name : The remote printer service is affected by multiple vulnerabilities. File : cups_1_3_7.nasl - Type : ACT_GATHER_INFO |
| 2008-03-26 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1530.nasl - Type : ACT_GATHER_INFO |
| 2008-03-19 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-002.nasl - Type : ACT_GATHER_INFO |
| 2008-03-19 | Name : The remote openSUSE host is missing a security update. File : suse_cups-5076.nasl - Type : ACT_GATHER_INFO |
| 2008-03-18 | Name : The remote host contains a web browser that is affected by several issues. File : macosx_Safari31.nasl - Type : ACT_GATHER_INFO |
