##############################################################################
#
#  MacOS X Security Update : 2005-008
#
#  Copyright: OS2A and it's member companies
#
#  Date Written: 2006/12/05
#
#  $Revision: 1.1 $
#
#  $Log: os2a_macosx_secupdate_2005-008_605062.nasl,v $
#  Revision 1.1  2006/12/07 14:08:15  shraddha
#  To Production Issue #3366
#
#
#  Revision 1.1  2006/12/05 07:00:39  nrnandini
#  ------------------------------------------------------------------------
#  This program was written by OS2A and/or it's member companies and is
#  licensed under the GNU GPL license. Please see below for details. This
#  header contains information regarding licensing terms under the GPL, and
#  information regarding obtaining source code from the Author. Consequently,
#  pursuant to section 3(c) of the GPL, you must accompany the information
#  found in this header with any distribution you make of this Program.
#  ------------------------------------------------------------------------
##############################################################################


if(!defined_func("bn_random")) exit(0);
if(description)
{
 script_id(605062);
 script_bugtraq_id(14914);
 script_cve_id("CVE-2005-1992, CVE-2005-2524, CVE-2005-2741, CVE-2005-2742",
	       "CVE-2005-2743, CVE-2005-2744, CVE-2005-2745, CVE-2005-2746",
	       "CVE-2005-2747, CVE-2005-2748");
 script_copyright(english:"Copyright (C) 2006 OS2A");
 script_version("$Revision: 1.1 $");
 script_category(ACT_GATHER_INFO);
 script_family(english:"MacOS X Local Security Checks");
 script_name(english:"MacOS X Security Update : 2005-008");
 script_summary(english:"Check for Security Update 2005-008");
 desc["english"] = "
 Overview : This host is missing the security update 2005-008 for MAC OS X.

 Apple has fixed 10 flaws in this update. Details regarding these can be found
 at, http://secunia.com/advisories/16920/

 Impact : Successful exploitation of these issues could result in attackers to
 execute arbitrary commands, cause a denial of service, disclose sensitive
 information, create or overwrite arbitrary files when running suid root
 applications or bypass security restrictions.
 
 Scope of impact is limited to system level.

 Affected Platform : Apple Mac OS X version 10.4.2 and prior.
                     Apple Mac OS X version 10.3.9 and prior.

 Solution :
 Apply the appropriate update,

 Security Update 2005-008 for Mac OS X 10.3.9,
 http://www.apple.com/support/downloads/securityupdate2005008macosx1039.html

 Security Update 2005-008 for Mac OS X 10.4.2,
 http://www.apple.com/support/downloads/securityupdate2005008macosx1042.html

 References : http://docs.info.apple.com/article.html?artnum=302413

 Risk factor : Critical";
 script_description(english:desc["english"]);
 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/uname", "Host/MacOSX/packages",
		     "Host/MacOSX/Version");
 exit(0);
}


 include("os2a_macosx_pkg.inc");

 if("Darwin" >!< get_kb_item("Host/uname")){
	exit(0);
 }

 if(!get_kb_item("Host/MacOSX/packages") ||
    !get_kb_item("Host/MacOSX/Version")){
	exit(0);
 }

 if(macosx_release_check(
	release:"10\.([0-2](\..*)?|3(\.[0-8])?|4(\.[01])?)($| Server)")){
	security_hole(0);
 }
 else if(macosx_release_check(release:"10\.(3\.9|4\.2)($| Server)"))
 {
 	if(!macosx_pkg_check(pkg:"^SecUpd(Srvr)?2005-008[^0-9]")){
		security_hole(0);
	}
 }