Apple Mac OS X contains a vulnerability in DiskArbitration when initializing writable removable media

2004-02-25T00:00:00
ID VU:578886
Type cert
Reporter CERT
Modified 2004-03-19T00:00:00

Description

Overview

Apple Mac OS X contains a vulnerability in the way DiskArbitration initializes writable removable media.

Description

The DiskArbitration Server in Apple Mac OS X tracks new disks and provides notifications announcing their availability. There is a non-specific vulnerability identified as CAN-2004-0167 in Apple Security Advisory Update 2004-02-23. This vulnerability is related to initialization of writable removable media (i.e., potentially CD-RW and DVD+RW disks).


Impact

The complete impact of this vulnerability is not yet known.


Solution

Apply Patch

Apple has released a patch to address this vulnerability. For further details, please see the Apple Security Advisory (Security Update 2004-02-23).


Systems Affected

Vendor| Status| Date Notified| Date Updated
---|---|---|---
Apple Computer Inc.| | -| 25 Feb 2004
If you are a vendor and your product is affected, let us know.

CVSS Metrics

Group | Score | Vector
---|---|---
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A

References

  • <http://www.apple.com/support/security/security_updates.html>
  • <http://secunia.com/advisories/10959/>

Credit

This vulnerability was reported by Apple.

This document was written by Damon Morda.

Other Information

  • CVE IDs: CAN-2004-0167
  • Date Public: 24 Feb 2004
  • Date First Published: 25 Feb 2004
  • Date Last Updated: 19 Mar 2004
  • Document Revision: 13