Apple Computer Inc. has fixed a security flaw attackers could exploit in its Xsan file system software to launch malicious code or crash vulnerable machines.
The flaw is of particular concern to enterprises that use Apple's latest operating system, as Xsan enables the creation of an enterprise-class storage area network (SAN) for the Mac OS X operating system and the Mac OS X Server.
The Cupertino, Calif.-based vendor said the application fails to do a proper bounds check of user-supplied input before copying it into an insufficiently sized buffer. The vulnerability presents itself at the file system driver when certain unspecified path names are processed.
"A malicious user with write access to an Xsan volume may be able to trigger the overflow on systems directly attached to Xsan," Apple said. "This could lead to a system crash or arbitrary code execution with system privileges."
Apple said the problem is fixed in the newly released version 1.4 by performing additional validation of path names.
Cupertino, Calif.-based antivirus giant Symantec Corp. analyzed the problem and, in an advisory sent to customers of its DeepSight Threat Management Service, said, "This issue may allow remote attackers to execute arbitrary machine code with system privileges on computers directly attached to the vulnerable file system. Failed exploit attempts will likely result in a system crash, denying service to legitimate users."
While Apple has fixed the problem with the release of version 1.4, Symantec said customers can mitigate the effects of the flaw by:
Apple credited Andrew Wellington of the Australian National University with discovering and reporting the issue.