Vulnerability Note VU#737204
Xsan Filesystem fails to properly process path names
A buffer overflow vulnerability in Apple's Xsan product may allow a local attacker to run arbitrary code with root privileges or create a denial-of-service condition.
Xsan is a Storage Area Network (SAN) filesystem designed for use by Apple OS X and OS X Server operating systems.
A local, authenticated attacker may be able to execute arbitrary code with system privileges, or create a denial-of-service condition.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Apple Computer, Inc.||Affected||-||21 Aug 2006|
CVSS Metrics (Learn More)
This vulnerability was reported by Apple, who credit Andrew Wellington of The Australian National University for reporting this vulnerability.
This document was written by Ryan Giobbi.
- CVE IDs: CVE-2006-3506
- Date Public: 17 Aug 2006
- Date First Published: 21 Aug 2006
- Date Last Updated: 21 Aug 2006
- Severity Metric: 0.31
- Document Revision: 24
If you have feedback, comments, or additional information about this vulnerability, please send us email.