December 4, 2008 in Security by Vincent King
… a serious vulnerability has been found in Apple Safari on OS X. “In its default configuration shell commands are execute[d] simply by visting a web site – no user interaction required.” This could be really bad. Attackers can run shell scripts on your computer remotely just by visiting a malicious website.
Full text of the article: http://www.heise.de/english/newsticker/news/69862
Proof of concept from the original discoverer (Michael Lehn): http://www.mathematik.uni-ulm.de/~lehn/mac.html
The problem is due to a feature that is activated by default: Open Safe Files after downloading. A zip file is considered safe and so they will be opened automatically. Subsequently, a shell script with no #! at the beginning of the script will be executed automatically. No user interaction!
[[T_F]]Digital Content Theft Prevention and Tracing, Downloads and Online Property Protectiontracefusion_signature=f0c75de23727ed492e8e5b2bbecb9b03ebb4378ee5f91568ee0742ab83a5703fd9c57ba57be321315ff3f5b20033d4c04416a1610241f62358c53effd081ffb5ac3ee63d91bfc0ff210efde35d37e46a4cb16e83ee5a51468cf5f3f1922cdfe4ae240133383e05e70169e3aefe5e4a334d58a022a26129570700a566b8a133548b17647c579947a183e050a256758b210ae122783bf4eabec20f8f5c95b30b9808d79814ccd5299e892f279a18e989f3ecf513b4f86709786fd8aa579b128ceef57646a230d84420448aabe40c0d69a677a19d531c931ca13d4b25799f261277bc8c775d490685925abc279db037df72d617dec9b3ed6e5e2ef621d757e8b0393fc8652141cab178d665fd06b2ab3655f9b093f967fa60eec28ea92a302bff42e221f234717a3dc5851c9c95f443a8565782d4550cf4931bd4ee038140d661169cf591d24cb9f3df6006677f56bd1d17b42f47fa6c0e6bc7e6fe012bb814f3be260726f1ae957c4e8dbf2752b1836e85d83acc3cc7277212051ea5c498421506d2a44b7cb038dc5049681d079d12815a92dfc101d1d8d9ecf75f3c50f905809f267d88695254eaaded4c8cfa248e68642ef2e3faee87fba906871d2d6dd2a0353e441e01fa56eed0f6445530653cbce0653cbd30[[T_F]]
Tags: Default Configuration, Discoverer, Os X, Shell Commands, Shell Script, Shell Scripts, Vulnerability
