Apple fixes Xsan security flaw

Attackers could exploit a security flaw in Apple's Xsan file system to launch malicious code and crash vulnerable machines, but a fix is available.

Apple Computer Inc. has fixed a security flaw attackers could exploit in its Xsan file system software to launch malicious code or crash vulnerable machines.

The flaw is of particular concern to enterprises that use Apple's latest operating system, as Xsan enables the creation of an enterprise-class storage area network (SAN) for the Mac OS X operating system and the Mac OS X Server.

The Cupertino, Calif.-based vendor said the application fails to do a proper bounds check of user-supplied input before copying it into an insufficiently sized buffer. The vulnerability presents itself at the file system driver when certain unspecified path names are processed.

"A malicious user with write access to an Xsan volume may be able to trigger the overflow on systems directly attached to Xsan," Apple said. "This could lead to a system crash or arbitrary code execution with system privileges."

Apple said the problem is fixed in the newly released version 1.4 by performing additional validation of path names.

Cupertino, Calif.-based antivirus giant Symantec Corp. analyzed the problem and, in an advisory sent to customers of its DeepSight Threat Management Service, said, "This issue may allow remote attackers to execute arbitrary machine code with system privileges on computers directly attached to the vulnerable file system. Failed exploit attempts will likely result in a system crash, denying service to legitimate users."

While Apple has fixed the problem with the release of version 1.4, Symantec said customers can mitigate the effects of the flaw by:

  • Not accepting, opening or executing files from untrusted or unknown sources.
  • Permitting privileged access for trusted individuals only.
  • Disabling unnecessary permissions to untrusted users. Since the flaw requires write access to the file system, this measure would reduce the likelihood of successful exploits.
  • Implementing multiple redundant layers of security.

    Apple credited Andrew Wellington of the Australian National University with discovering and reporting the issue.

  • Read more on PC hardware