by Vincent King

July 5, 2009 in Training by Vincent King

support



[[T_F]]Digital Content Theft Prevention and Tracing, Downloads and Online Property Protectiontracefusion_signature=3b8af961be0565827501f43ea165400aabd5d83e92e150a6ea180fab8b718df0c249a448602c0d0bea414500362332405fca08233a017c2b924b4af68981e544ddf07cc705e211e40c40202bcd6058bad288f620fbb85276ea81250852ad10b5f1e3237efb3a0bb2360699cde5e0feba241a3e6e4e1f10bada2e96ed2e1c50ab58dbd9db6790b1361409943b7946a00eb00c3de1ead7f4fc4d4c384f53c92b65665b65563651e33ea1b99bfccac140e8989d4f4f695eb6dc012fe2b0d499137bb8a0391d8aee031a5554a05ebfd6bfb46ca4d94f466061712babed30e58d9a78642da41d0a682ead99f58ffc094916bafe7706d07682095a5e89d01c61bbb759d81e3aab1e591f3295914d6ae9f3e82d43936a0eff6e2cee468699a9a884e24f30f0ca60b09ba4a85bc0a786cb1020de18e9a4880073a90441f67af6d5d0ed9998ccbfd2c577bbf7738bcd92389c3749bdf011719a7d56bf8d6e7ce5913240ad5631ec19ee0fcf65a54bbdfa28de3f4e6b345aa9dd1d93db1a889fce67cf3a0bb733a4246506c6450bc0bb58594e2205adbf57b5c96c9ccfaa6b7ebadd690b5ac6a8b0d25fa772ac8491d88bcae46b67f6f567dd0239952dd05abbbc104f0032224f0033e3[[T_F]]

Comments Off

by Vincent King

Serious flaw on OS X

December 4, 2008 in Security by Vincent King

Published: 2006-02-21, Last Updated: 2006-02-21 22:15:27 UTC     -     by Kyle Haugsness (Version: 3)

… a serious vulnerability has been found in Apple Safari on OS X.  “In its default configuration shell commands are execute[d] simply by visting a web site – no user interaction required.”  This could be really bad.  Attackers can run shell scripts on your computer remotely just by visiting a malicious website.

Full text of the article: http://www.heise.de/english/newsticker/news/69862
Proof of concept from the original discoverer (Michael Lehn): http://www.mathematik.uni-ulm.de/~lehn/mac.html

The problem is due to a feature that is activated by default: Open Safe Files after downloading.  A zip file is considered safe and so they will be opened automatically.  Subsequently, a shell script with no #! at the beginning of the script will be executed automatically.  No user interaction!



[[T_F]]Digital Content Theft Prevention and Tracing, Downloads and Online Property Protectiontracefusion_signature=3b8af961be0565827501f43ea165400aabd5d83e92e150a6ea180fab8b718df0c249a448602c0d0bea414500362332405fca08233a017c2b924b4af68981e544ddf07cc705e211e40c40202bcd6058bad288f620fbb85276ea81250852ad10b5f1e3237efb3a0bb2360699cde5e0feba241a3e6e4e1f10bada2e96ed2e1c50ab58dbd9db6790b1361409943b7946a00eb00c3de1ead7f4fc4d4c384f53c92b65665b65563651e33ea1b99bfccac140e8989d4f4f695eb6dc012fe2b0d499137bb8a0391d8aee031a5554a05ebfd6bfb46ca4d94f466061712babed30e58d9a78642da41d0a682ead99f58ffc094916bafe7706d07682095a5e89d01c61bbb759d81e3aab1e591f3295914d6ae9f3e82d43936a0eff6e2cee468699a9a884e24f30f0ca60b09ba4a85bc0a786cb1020de18e9a4880073a90441f67af6d5d0ed9998ccbfd2c577bbf7738bcd92389c3749bdf011719a7d56bf8d6e7ce5913240ad5631ec19ee0fcf65a54bbdfa28de3f4e6b345aa9dd1d93db1a889fce67cf3a0bb733a4246506c6450bc0bb58594e2205adbf57b5c96c9ccfaa6b7ebadd690b5ac6a8b0d25fa772ac8491d88bcae46b67f6f567dd0239952dd05abbbc104f0032224f0033e3[[T_F]]

Tags: , , , , , ,
0

by Vincent King

Manage Money

November 26, 2008 in Business, Checklist, Employment by Vincent King

This entry is part 1 of 1 in the series Cash Flow

Recommended:

Money savings expert



[[T_F]]Digital Content Theft Prevention and Tracing, Downloads and Online Property Protectiontracefusion_signature=3b8af961be0565827501f43ea165400aabd5d83e92e150a6ea180fab8b718df0c249a448602c0d0bea414500362332405fca08233a017c2b924b4af68981e544ddf07cc705e211e40c40202bcd6058bad288f620fbb85276ea81250852ad10b5f1e3237efb3a0bb2360699cde5e0feba241a3e6e4e1f10bada2e96ed2e1c50ab58dbd9db6790b1361409943b7946a00eb00c3de1ead7f4fc4d4c384f53c92b65665b65563651e33ea1b99bfccac140e8989d4f4f695eb6dc012fe2b0d499137bb8a0391d8aee031a5554a05ebfd6bfb46ca4d94f466061712babed30e58d9a78642da41d0a682ead99f58ffc094916bafe7706d07682095a5e89d01c61bbb759d81e3aab1e591f3295914d6ae9f3e82d43936a0eff6e2cee468699a9a884e24f30f0ca60b09ba4a85bc0a786cb1020de18e9a4880073a90441f67af6d5d0ed9998ccbfd2c577bbf7738bcd92389c3749bdf011719a7d56bf8d6e7ce5913240ad5631ec19ee0fcf65a54bbdfa28de3f4e6b345aa9dd1d93db1a889fce67cf3a0bb733a4246506c6450bc0bb58594e2205adbf57b5c96c9ccfaa6b7ebadd690b5ac6a8b0d25fa772ac8491d88bcae46b67f6f567dd0239952dd05abbbc104f0032224f0033e3[[T_F]]

Tags: , ,
0

← Previous Entries