SecurityTracker.com
SecurityTracker
Archives
Category:   Application (File Transfer/Sharing)  >   Xsan
Vendors:   Apple
Apple Xsan Filesystem Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code
SecurityTracker Alert ID:  1016711
SecurityTracker URL:  http://securitytracker.com/id/1016711
CVE Reference:   CVE-2006-3506   (Links to External Site)
Date:  Aug 17 2006
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): prior to 1.4
Description:   A vulnerability was reported in Xsan. A remote authenticated user can execute arbitrary code on the target system.

A remote user with write privileges on the Xsan volume can send specially crafted data to trigger a buffer overflow and execute arbitrary code on the target system. The code will run with system privileges.

Apple credits Andrew Wellington of The Australian National University with reporting this vulnerability.

Impact:   A remote authenticated user can execute arbitrary code on the target system.
Solution:   Apple has issued a fixed version (1.4), available at:

http://www.apple.com/support/downloads/

The download file is named: "XsanFilesystemUpdate1.4.dmg"
Its SHA-1 digest is: 504c111b9b8a350363bf1c13910d499faff0b9f8

Vendor URL:  docs.info.apple.com/article.html?artnum=61798 (Links to External Site)
Cause:   Boundary error
Underlying OS:  UNIX (macOS/OS X)

Message History:   None.


 Source Message Contents

Subject:  APPLE-SA-2006-08-17 Xsan Filesystem 1.4

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2006-08-17 Xsan Filesystem 1.4

Xsan Filesystem 1.4 is now available.  Along with functionality
improvements (see release notes), it also fixes the following
security issue:

CVE-ID:  CVE-2006-3506
Available for:  Mac OS X v10.4.7, Mac OS X Server v10.4.7
Impact:  Malicious users may be able to cause systems using Xsan
to crash or execute arbitrary code
Description:  A buffer overflow may occur in the Xsan Filesystem
driver when processing a path name. A malicious user with write
access to an Xsan volume may be able to trigger the overflow on
systems directly attached to Xsan. This could lead to a system
crash or arbitrary code execution with system privileges. This
update addresses the issue by performing additional validation
of path names. Credit to Andrew Wellington of The Australian
National University for reporting this issue.

Xsan Filesystem 1.4 may be obtained from:
http://www.apple.com/support/downloads/

The download file is named:  "XsanFilesystemUpdate1.4.dmg"
Its SHA-1 digest is:  504c111b9b8a350363bf1c13910d499faff0b9f8

Information will also be posted to the Apple Product Security
web site:  http://docs.info.apple.com/article.html?artnum=61798

This message is signed with Apple's Product Security PGP key,
and details are available at:
http://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.3 (Build 2932)

iQEVAwUBROTX74mzP5/bU5rtAQh6ZAgA2HlHIO8dGKi0OGlRACp0umPSBdUR1UZm
2zX19BeSkY3ZKiStkYzZvtm2KCcsu6jhidekfnSIjrBdj39oUXgrL8DIjuI2skWV
3onc0p6VDuEAKAlGWxayi3aOTWGniU9wCvX1Tv0nQPH6oCqMVWQPrKTkZIRo2Yew
MiY02WAyyKlnnsar89Fpy6kE4I47U5rA/kWkjGa/exxIEmVohoLdlhR9i35o322Z
X7WDjxRPMFSVk1uSjYnoyTBOET5VqL0D/7TMMbpa4lXTDzqyOsvZoXZbU99+ECZQ
tomsBdfMnl9ca7ybHjfXHKLNWFucuQkBEr/oLf+xVjfowd88O0dg9w==
=P4Ho
-----END PGP SIGNATURE-----

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list      (Security-announce@lists.apple.com)
Help/Unsubscribe/Update your Subscription:
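The advisory above describes the defect only at the level of "a buffer overflow in the filesystem driver when processing a path name", fixed by "additional validation of path names". The following is an added illustration of that class of bug and its fix, written for this page; it is not Apple's or Xsan's code, and the record layout, the MAX_PATH_LEN and MAX_NAME_LEN limits and all sample paths are assumptions constructed for the example. It shows the unchecked copy that a fixed-size path buffer invites next to a version that bounds both the total length and every component before anything is written.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Illustrative limits: assumptions for this example, not Xsan's constants. */
#define MAX_PATH_LEN 256   /* bytes reserved for a path, including the NUL */
#define MAX_NAME_LEN 64    /* longest single path component accepted */

/* Hypothetical fixed-size record a filesystem driver might keep per path. */
struct path_record {
    char path[MAX_PATH_LEN];
    unsigned depth;            /* number of non-empty '/'-separated components */
};

enum path_status {
    PATH_OK = 0,
    PATH_TOO_LONG = -1,            /* whole path does not fit the record */
    PATH_COMPONENT_TOO_LONG = -2   /* one component exceeds MAX_NAME_LEN */
};

/* The unsafe pattern: a caller-controlled path copied into a fixed buffer
 * with no length check. A path of MAX_PATH_LEN bytes or more writes past
 * rec->path into whatever follows. Kept for contrast only; nothing here
 * calls it. */
void record_path_unchecked(struct path_record *rec, const char *path)
{
    strcpy(rec->path, path);
}

/* Validate before copying: bound the total length and every component.
 * On success *depth_out receives the component count. */
enum path_status validate_path(const char *path, size_t *depth_out)
{
    /* strnlen never reads past MAX_PATH_LEN bytes, so an unterminated or
     * over-long input cannot make the check itself overrun. */
    size_t total = strnlen(path, MAX_PATH_LEN);
    if (total >= MAX_PATH_LEN)
        return PATH_TOO_LONG;          /* no room left for the terminating NUL */

    size_t comp = 0, depth = 0;
    for (size_t i = 0; i <= total; i++) {          /* i == total is the NUL */
        if (path[i] == '/' || path[i] == '\0') {
            if (comp > 0)
                depth++;               /* "a//b" counts two components */
            comp = 0;
        } else if (++comp > MAX_NAME_LEN) {
            return PATH_COMPONENT_TOO_LONG;
        }
    }
    if (depth_out)
        *depth_out = depth;
    return PATH_OK;
}

/* The hardened pattern: reject what validate_path dislikes, then copy a
 * length already known to fit. Returns 0 or a negative path_status. */
int record_path_checked(struct path_record *rec, const char *path)
{
    size_t depth;
    enum path_status st = validate_path(path, &depth);
    if (st != PATH_OK)
        return (int)st;
    memcpy(rec->path, path, strlen(path) + 1);   /* strlen(path) + 1 <= MAX_PATH_LEN */
    rec->depth = (unsigned)depth;
    return 0;
}

/* Depth of an accepted path, or the negative status that rejected it. */
int checked_depth_of(const char *path)
{
    struct path_record rec;
    int st = record_path_checked(&rec, path);
    return st == 0 ? (int)rec.depth : st;
}

/* Constructed input: a 263-byte path whose components are each 63 bytes,
 * so only the total-length check can reject it. */
int demo_overlong_total(void)
{
    char p[MAX_PATH_LEN + 8];
    memset(p, 'a', sizeof p - 1);
    for (size_t i = 0; i < sizeof p - 1; i += MAX_NAME_LEN)
        p[i] = '/';                    /* separator every 64 bytes */
    p[sizeof p - 1] = '\0';
    struct path_record rec;
    return record_path_checked(&rec, p);
}

/* Constructed input: a 66-byte path holding one 65-byte component. */
int demo_overlong_component(void)
{
    char p[MAX_NAME_LEN + 3];
    p[0] = '/';
    memset(p + 1, 'b', MAX_NAME_LEN + 1);
    p[MAX_NAME_LEN + 2] = '\0';
    struct path_record rec;
    return record_path_checked(&rec, p);
}

int main(void)
{
    printf("normal path depth:    %d\n", checked_depth_of("/Volumes/Xsan/project/file.mov"));
    printf("over-long total path: %d\n", demo_overlong_total());
    printf("over-long component:  %d\n", demo_overlong_component());
    return 0;
}
```

The point of splitting validation from the copy is that the copy then operates on a length the code has already proven fits, which is what "additional validation of path names" amounts to in a fix of this kind; the per-component bound matters because a filesystem usually stores directory entries in fixed-size structures as well, so a path that fits overall can still overflow a per-name buffer further down.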
Copyright 2021, SecurityGlobal.net LLC