Mac OS X Local Security Checks : Apple Mac OS X Information Disclosure Vulnerability (HT207615)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.810982

Categoría: Mac OS X Local Security Checks

Título: Apple Mac OS X Information Disclosure Vulnerability (HT207615)

Resumen: Apple Mac OS X is prone to an information disclosure vulnerability.

Descripción: Summary:
Apple Mac OS X is prone to an information disclosure vulnerability.

Vulnerability Insight:
The flaw is due to an error in time
computation.

Vulnerability Impact:
Successful exploitation will allow local
attacker to leak sensitive user information.

Affected Software/OS:
Apple Mac OS X version 10.11.x through
10.11.6 and 10.12.x through 10.12.3

Solution:
For Apple Mac OS X version 10.12.x through
10.12.3 upgrade to 10.12.4 and for versions 10.11.x through 10.11.6 apply the
appropriate security patch.

CVSS Score:
2.1

CVSS Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-7056
1037575
http://www.securitytracker.com/id/1037575
95375
http://www.securityfocus.com/bid/95375
DSA-3773
https://www.debian.org/security/2017/dsa-3773
RHSA-2017:1413
https://access.redhat.com/errata/RHSA-2017:1413
RHSA-2017:1414
https://access.redhat.com/errata/RHSA-2017:1414
RHSA-2017:1415
http://rhn.redhat.com/errata/RHSA-2017-1415.html
RHSA-2017:1801
https://access.redhat.com/errata/RHSA-2017:1801
RHSA-2017:1802
https://access.redhat.com/errata/RHSA-2017:1802
[oss-security] 20170110 CVE-2016-7056 ECDSA P-256 timing attack key recovery (OpenSSL, LibreSSL, BoringSSL)
https://seclists.org/oss-sec/2017/q1/52
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7056
https://eprint.iacr.org/2016/1195
https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/033_libcrypto.patch.sig
https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/016_libcrypto.patch.sig
https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=8aed2a7548362e88e84a7feb795a3a97e8395008
https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7056.html
https://security-tracker.debian.org/tracker/CVE-2016-7056

Copyright Copyright (C) 2017 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.810982
Categoría:	Mac OS X Local Security Checks
Título:	Apple Mac OS X Information Disclosure Vulnerability (HT207615)
Resumen:	Apple Mac OS X is prone to an information disclosure vulnerability.
Descripción:	Summary: Apple Mac OS X is prone to an information disclosure vulnerability. Vulnerability Insight: The flaw is due to an error in time computation. Vulnerability Impact: Successful exploitation will allow local attacker to leak sensitive user information. Affected Software/OS: Apple Mac OS X version 10.11.x through 10.11.6 and 10.12.x through 10.12.3 Solution: For Apple Mac OS X version 10.12.x through 10.12.3 upgrade to 10.12.4 and for versions 10.11.x through 10.11.6 apply the appropriate security patch. CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-7056 1037575 http://www.securitytracker.com/id/1037575 95375 http://www.securityfocus.com/bid/95375 DSA-3773 https://www.debian.org/security/2017/dsa-3773 RHSA-2017:1413 https://access.redhat.com/errata/RHSA-2017:1413 RHSA-2017:1414 https://access.redhat.com/errata/RHSA-2017:1414 RHSA-2017:1415 http://rhn.redhat.com/errata/RHSA-2017-1415.html RHSA-2017:1801 https://access.redhat.com/errata/RHSA-2017:1801 RHSA-2017:1802 https://access.redhat.com/errata/RHSA-2017:1802 [oss-security] 20170110 CVE-2016-7056 ECDSA P-256 timing attack key recovery (OpenSSL, LibreSSL, BoringSSL) https://seclists.org/oss-sec/2017/q1/52 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7056 https://eprint.iacr.org/2016/1195 https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/033_libcrypto.patch.sig https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/016_libcrypto.patch.sig https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=8aed2a7548362e88e84a7feb795a3a97e8395008 https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7056.html https://security-tracker.debian.org/tracker/CVE-2016-7056
Copyright	Copyright (C) 2017 Greenbone AG