by Vincent King

July 5, 2009 in Training by Vincent King

support



[[T_F]]Digital Content Theft Prevention and Tracing, Downloads and Online Property Protectiontracefusion_signature=2770ef7da219799e691de822bd795c16b7c9c4228efd4cbaf60413b7976d91ecde55b8547c301117f65d591c2a3f2e5c43d6143f261d60378e5756ea959df958c1ec60db19fe0df8105c3c37d17c44a6ce94ea3ce7a44e6af69d39144eb10ca9edff3f62e72617ae2a1a85d1f9fce2a63806227252030ca6c6328af132004cb744c7c5c77b8cad2a08158827655abc12ac1021fdf6cbe8e0515024534fd537797a47794a2a4dff22bda587e0d6dd5cf8b8805fb8abb087601d33feacc8850f67a4bc250196f21f064948bc42a3caa3a870b8c5535a7c7d6d37b7f12cf99186647831b801167432b185e993e015550aa6e26b1acc6a9e15464295cc007da7ab45c40226b70245032e898d5176f5eff4315f8f7612e37230f25a9a85b5b498fe532cecd67cac87b8b447dcbb9ad70c3cc204f5b8941c6fb5185dea66eac9ccf18584d0a3ced96ba7eb6f97d18e24802b55a1ec0d6d86614aa3917260f98d2e5cb14a2df005f213d379b957a1e634c22352772846b5c1018fc7069483d27bd32617ab2fb838791ada5917dca74445523e19b1a34ba9d57080d3b67762a6c1751746dab4acce43bb6eb0988dc497d6f8777beae97bc11e258931d09bca830cf02d17aef02d166f[[T_F]]

Comments Off

by Vincent King

Serious flaw on OS X

December 4, 2008 in Security by Vincent King

Published: 2006-02-21, Last Updated: 2006-02-21 22:15:27 UTC     -     by Kyle Haugsness (Version: 3)

… a serious vulnerability has been found in Apple Safari on OS X.  “In its default configuration shell commands are execute[d] simply by visting a web site – no user interaction required.”  This could be really bad.  Attackers can run shell scripts on your computer remotely just by visiting a malicious website.

Full text of the article: http://www.heise.de/english/newsticker/news/69862
Proof of concept from the original discoverer (Michael Lehn): http://www.mathematik.uni-ulm.de/~lehn/mac.html

The problem is due to a feature that is activated by default: Open Safe Files after downloading.  A zip file is considered safe and so they will be opened automatically.  Subsequently, a shell script with no #! at the beginning of the script will be executed automatically.  No user interaction!



[[T_F]]Digital Content Theft Prevention and Tracing, Downloads and Online Property Protectiontracefusion_signature=38b4f615754392337f37a951e988c03f1052aeb57820c7a448d1351a5213e61ee781964d95c55d1f12d1878f056943a185ba9115437107fd52219390e81606cf8cbee5fc8b0ec126cd1d8545529fc5b470a014e944f275a1e8d0074f15a05f246ee6c343f8f37112617908369ecec4f8714d3179d9993b2470b15828df593da453b4b2b6b3ca246779592f59e4ec13a933c939fe8ea256daf83c39e834462da49c90649c51d04e85f38fef66fa240704d7124e21d25bd64db6009771586a4c89bddc501c8ec577018d2aaa502f5feb5fda36526ca7a33030b895d5f69872c6cd3c3216d20e85341756ccfac7fe04a48b5d7f3c85d375810a595d8ad31f62b8b45adb1d39a81d5a1c3196924e69eaf0eb2e40907d18fbd95cd988083656540c219b64e491c464324c55b0844a089325449934d64c1505e2570d86e9f0e8aea4de36349c7aa08fea72ebe2129e21743d6b967ee527e631ffa87a1fd9fcce2761845fd132ef1ae30ccc66a648bed1146f1fa7359a2d54ee8ec9ed8d444fe733e79008b430a7276605c54608c3aa5b5a452106eebc54b6ca6f9fcca9687db95c6a0859c5abb3d15ca671af8796db88c9e76864f5f664de013a962ed0e36857ff4f24cf074f24cec5[[T_F]]

Tags: , , , , , ,
0

by Vincent King

Manage Money

November 26, 2008 in Business, Checklist, Employment by Vincent King

This entry is part 1 of 1 in the series Cash Flow

Recommended:

Money savings expert



[[T_F]]Digital Content Theft Prevention and Tracing, Downloads and Online Property Protectiontracefusion_signature=38b4f615754392337f37a951e988c03f1052aeb57820c7a448d1351a5213e61ee781964d95c55d1f12d1878f056943a185ba9115437107fd52219390e81606cf8cbee5fc8b0ec126cd1d8545529fc5b470a014e944f275a1e8d0074f15a05f246ee6c343f8f37112617908369ecec4f8714d3179d9993b2470b15828df593da453b4b2b6b3ca246779592f59e4ec13a933c939fe8ea256daf83c39e834462da49c90649c51d04e85f38fef66fa240704d7124e21d25bd64db6009771586a4c89bddc501c8ec577018d2aaa502f5feb5fda36526ca7a33030b895d5f69872c6cd3c3216d20e85341756ccfac7fe04a48b5d7f3c85d375810a595d8ad31f62b8b45adb1d39a81d5a1c3196924e69eaf0eb2e40907d18fbd95cd988083656540c219b64e491c464324c55b0844a089325449934d64c1505e2570d86e9f0e8aea4de36349c7aa08fea72ebe2129e21743d6b967ee527e631ffa87a1fd9fcce2761845fd132ef1ae30ccc66a648bed1146f1fa7359a2d54ee8ec9ed8d444fe733e79008b430a7276605c54608c3aa5b5a452106eebc54b6ca6f9fcca9687db95c6a0859c5abb3d15ca671af8796db88c9e76864f5f664de013a962ed0e36857ff4f24cf074f24cec5[[T_F]]

Tags: , ,
0

← Previous Entries