Buffer Overflow in Xsan Filesystem Driver on Mac OS X and OS X Server
CVE-2006-3506

Currently unrated

Key Information:

Vendor: Apple
Status: Xsan
Vendor: CVE Published:; 21 August 2006

What is CVE-2006-3506?

The Xsan Filesystem driver in Mac OS X 10.4.7 and OS X Server 10.4.7 contains a buffer overflow vulnerability that allows local users with Xsan write access to execute arbitrary code. This flaw emerges from improper handling of input while processing pathname information, enabling potential exploitation through unspecified vectors. Users must take precautions to mitigate the associated risks.

References

http://docs.info.apple.com/article.html?artnum=304188

vendor-advisoryx_refsource_APPLE

http://www.vupen.com/english/advisories/2006/3315

vdb-entryx_refsource_VUPEN

http://www.osvdb.org/27994

vdb-entryx_refsource_OSVDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 21, 2006
Vulnerability Reserved
Jul 10, 2006

Apple

What is CVE-2006-3506?

References

Timeline