Vulnerabilities > CVE-2006-3506 - Buffer Overflow vulnerability in Apple mac OS X, mac OS X Server and Xsan

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

apple

NVD

Published: 2006-08-21

Updated: 2011-03-08

Summary

Buffer overflow in the Xsan Filesystem driver on Mac OS X 10.4.7 and OS X Server 10.4.7 allows local users with Xsan write access, to execute arbitrary code via unspecified vectors related to "processing a path name." This vulnerability is addressed in the following product release: Apple, Xsan, 1.4

Vulnerable Configurations

Part	Description	Count
Application	Apple Apple Xsan 1.0 Apple Xsan 1.2 Apple Xsan 1.3	3
OS	Apple Apple MAC OS X 10.4.7 Apple MAC OS X Server 10.4.7	2

References

http://docs.info.apple.com/article.html?artnum=304188
http://secunia.com/advisories/21551
http://securitytracker.com/id?1016711
http://www.kb.cert.org/vuls/id/737204
http://www.osvdb.org/27994
http://www.securityfocus.com/bid/19579
http://www.vupen.com/english/advisories/2006/3315