Xsan update fixes serious screen sharing security problem
Apple has updated Xsan to 2.2. The software is used to manage a Storage Area Network (SAN) — a cluster of high-speed hard drives connected using Fibre Channel networking technology. Xsan 2.2 documents a security issue that has been addressed involving screen sharing.
“Screensharing via the Xsan Admin application could present an error dialog containing the user’s name and password,” according to Apple.
The issue is limited to using the Xsan Admin application, not Xsan Filesystem itself.
Apple credits Kadimac Corp Macintosh Integrators’ Ben Greisler for reporting the flaw.