Fix in for Apple flaw

Apple Computer issued a patch for its Xsan Filesystem software on Thursday, designed to fix vulnerabilities that could allow attackers to execute arbitrary code or crash a system. The patch, Xsan Filesystem 1.4, is targeted at systems running Mac OS X version 10.4.7 and Mac OS X Server version 10.4.7.

The Xsan Filesystem flaws could enable a malicious attacker to launch a buffer overflow attack when the software driver is processing a path name. That could lead to a system crash or arbitrary code execution with system privileges, Apple said.

[J.G.]

All Apple systems or just servers?

You need to be more specific in describing the problem. One can't
tell whether you are saying any system running OS X is effected or
just XServe systems.

[James P. Larsen]

Looks clear to me...

The article says:
"The patch, Xsan Filesystem 1.4, is targeted at
systems running Mac OS X version 10.4.7 and
Mac OS X Server version 10.4.7."

That sounds to me like _any_ Mac running Mac
OS X 10.4.7 as well as any computer running
the same version of OS X server.

JPL

[reader951]

Only Systems / Servers Running Xsan

This only affects systems and servers running a specific piece of
software called Xsan. It does not appear under software update if
not running it.
Reference for software is http://www.apple.com/xsan/
Reference for update is http://docs.info.apple.com/article.html?
artnum=302143

[M C]

CNet: Kings of the LOL headline

An obscure bug in a limited-release products gets the headline "Fix In For Apple Flaw."

Page views must be sagging or something...

MUHAHAHAHAHAHAHAHAHAHAHAHA!

CNET plays this off as a massive flaw when it
http://www.techknowcafe.com/content/view/504/43/
affects like 3 people on the planet. LOL!