Vulnerabilities > CVE-2005-2748 - Unspecified vulnerability in Apple mac OS X and mac OS X Server

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
local
low complexity
apple
nessus

Summary

The malloc function in the libSystem library in Apple Mac OS X 10.3.9 and 10.4.2 allows local users to overwrite arbitrary files by setting the MallocLogFile environment variable to the target file before running a setuid application.

Nessus

NASL familyMacOS X Local Security Checks
NASL idMACOSX_SECUPD2005-008.NASL
descriptionThe remote host is running Apple Mac OS X, but lacks Security Update 2005-008. This security update contains fixes for the following applications : - ImageIO - LibSystem - Mail - QuickDraw - Ruby - SecurityAgent - securityd
last seen2020-06-01
modified2020-06-02
plugin id19773
published2005-09-23
reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/19773
titleMac OS X Multiple Vulnerabilities (Security Update 2005-008)
code
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
 script_id(19773);
 script_version("1.19");
 script_cvs_date("Date: 2018/07/14  1:59:35");

  script_cve_id("CVE-2005-1992", "CVE-2005-2524", "CVE-2005-2741", "CVE-2005-2742", "CVE-2005-2743",
                "CVE-2005-2744", "CVE-2005-2745", "CVE-2005-2746", "CVE-2005-2747", "CVE-2005-2748");
 script_bugtraq_id(14914, 14939);

 script_name(english:"Mac OS X Multiple Vulnerabilities (Security Update 2005-008)");
 script_summary(english:"Check for Security Update 2005-008");

 script_set_attribute(attribute:"synopsis", value:"The remote operating system is missing a vendor-supplied patch.");
 script_set_attribute(attribute:"description", value:
"The remote host is running Apple Mac OS X, but lacks
Security Update 2005-008.

This security update contains fixes for the following
applications :

- ImageIO
- LibSystem
- Mail
- QuickDraw
- Ruby
- SecurityAgent
- securityd");
 # http://web.archive.org/web/20060419122213/http://docs.info.apple.com/article.html?artnum=302413
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b7db6d8b");
 script_set_attribute(attribute:"solution", value:
"Mac OS X 10.4 :
http://support.apple.com/downloads/Security_Update_2005_008__Mac_OS_X_10_4_2_

Mac OS X 10.3 :
http://support.apple.com/downloads/Security_Update_2005_008__Mac_OS_X_10_3_9_");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"false");

 script_set_attribute(attribute:"vuln_publication_date", value:"2005/06/22");
 script_set_attribute(attribute:"patch_publication_date", value:"2005/06/22");
 script_set_attribute(attribute:"plugin_publication_date", value:"2005/09/23");

 script_set_attribute(attribute:"plugin_type", value:"local");
 script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
 script_end_attributes();

 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
 script_family(english:"MacOS X Local Security Checks");

 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/MacOSX/packages");
 exit(0);
}


packages = get_kb_item("Host/MacOSX/packages");
if ( ! packages ) exit(0);


uname = get_kb_item("Host/uname");
if ( egrep(pattern:"Darwin.* (7\.[0-9]\.|8\.2\.)", string:uname) )
{
  if (!egrep(pattern:"^SecUpd(Srvr)?(2005-008|2006-00[123467]|2007-003)", string:packages)) security_hole(0);
}