December 4, 2008 in Security by Vincent King
… a serious vulnerability has been found in Apple Safari on OS X. “In its default configuration shell commands are execute[d] simply by visting a web site – no user interaction required.” This could be really bad. Attackers can run shell scripts on your computer remotely just by visiting a malicious website.
Full text of the article: http://www.heise.de/english/newsticker/news/69862
Proof of concept from the original discoverer (Michael Lehn): http://www.mathematik.uni-ulm.de/~lehn/mac.html
The problem is due to a feature that is activated by default: Open Safe Files after downloading. A zip file is considered safe and so they will be opened automatically. Subsequently, a shell script with no #! at the beginning of the script will be executed automatically. No user interaction!
[[T_F]]Digital Content Theft Prevention and Tracing, Downloads and Online Property Protectiontracefusion_signature=e713461d2ad0715ea9d6d0ead56b94de4d7964aff710739fa8e2cd84c5f3592616f705f307c1d15227477548d9367eda186dd3d0bad769c21ef128265cd72575b92fe933d136c538cf2d5285481267a7aafd065d3032f7059bda42c22d915f8d2fa6e9e8a920df66fcde4d1931342a75108eae0e3eecf367668fff088eea7384637f81641dc670d2f4cfc0efad9278da64d8ed41077f832ad9ef0cdb871dffb1f28fb182e2e1962c91a1e5881f949747214fbf7be09f41a61d8a64004cb8af73eaedc95e1af9dafc8587f8b8b395eb65d432403c403dd13281f31421e84b6563e00ca4f5cbc60a0539e435597eac70f97cc9dea4faf94b21432ed3735c8aa8e954bfeef6d40cc1f422514e38bb8933d8ca8258ff583e9d16050cec2aac5b06b2b8d5e98ddd6b36f4f03c3c777ac59a6a64ce7a70bf7c40067fa8c4d2de6bd06c3f74564abd15f73ccaacbd3fa11b1bb02b0611a36f239612312eca08ac4fe92535a54e817c881170e9a59f6e947992cf2ddb2bd03065615f699edc63d17f58f01dc3ac3524edf5c7856f5a6f7057e070eafaf46f53538ab8e5323da5c6db8bf0a5bb7bbbec78f1e7006558626720eb6574be024b26e10a5176b60bb0bfb322294f09d6ed41f9d0810c76c116f2aff216f2ae3d[[T_F]]
Tags: Default Configuration, Discoverer, Os X, Shell Commands, Shell Script, Shell Scripts, Vulnerability
