Serious flaw on OS X

December 4, 2008 in Security by Vincent King

Published: 2006-02-21, Last Updated: 2006-02-21 22:15:27 UTC - by Kyle Haugsness (Version: 3)

… a serious vulnerability has been found in Apple Safari on OS X.  “In its default configuration shell commands are execute[d] simply by visiting a web site – no user interaction required.”  This could be really bad.  An attacker can run shell scripts on your computer remotely; all it takes is getting you to visit a malicious web site.

Full text of the article: http://www.heise.de/english/newsticker/news/69862
Proof of concept from the original discoverer (Michael Lehn): http://www.mathematik.uni-ulm.de/~lehn/mac.html

The problem is due to a feature that is activated by default: Open Safe Files after downloading.  A zip archive is considered a "safe" file, so it is opened automatically as soon as the download finishes.  If the archive contains a shell script that has no #! line at the beginning, that script is then executed automatically.  No user interaction!
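Two checks a defender would want after reading the above: whether the "Open Safe Files after downloading" preference is still on, and whether a downloaded zip contains the kind of entry the diary describes (an executable file with no #! line). The script below is an added example, not code from the ISC diary or from Apple. It assumes the preference is stored in the `com.apple.Safari` domain under the key `AutoOpenSafeDownloads` (an assumption; the diary only names the feature), and it uses "Unix executable bit set, no shebang" as the practical heuristic for the shebang-less scripts the diary mentions. The sample archive is constructed in memory so the script runs offline on any platform; the live preference read only happens on OS X.

```python
"""Audit helpers for the Safari "Open Safe Files" issue (added example, not from the diary).

Checks:
  1. Is the "Open Safe Files after downloading" preference still enabled?
  2. Does a zip contain executable entries with no '#!' line, i.e. the kind
     of file the diary says gets run with no user interaction?

Assumptions not stated on the page: the preference domain/key below, and the
"executable bit + missing shebang" heuristic used to spot such scripts.
"""
import io
import platform
import subprocess
import zipfile

PREF_DOMAIN = "com.apple.Safari"        # assumed preference domain
PREF_KEY = "AutoOpenSafeDownloads"      # assumed preference key


def auto_open_enabled(raw):
    """Interpret the raw value printed by `defaults read`.

    Safari ships with the feature on, so a missing key (raw is None) counts as
    enabled. `defaults` prints booleans as 0/1 but also accepts true/false.
    """
    if raw is None:
        return True
    value = raw.strip().lower()
    if value in ("1", "true", "yes"):
        return True
    if value in ("0", "false", "no"):
        return False
    raise ValueError("unexpected preference value: %r" % raw)


def read_safari_setting():
    """Return the raw preference string, or None if unset or not running on OS X."""
    if platform.system() != "Darwin":
        return None
    try:
        out = subprocess.run(["defaults", "read", PREF_DOMAIN, PREF_KEY],
                             capture_output=True, text=True, check=True)
    except (OSError, subprocess.CalledProcessError):
        return None  # key absent: Safari falls back to its default (enabled)
    return out.stdout


def archive_entries(zip_bytes):
    """Describe each file in a zip: name, Unix executable bit, and whether it starts with '#!'."""
    report = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            mode = info.external_attr >> 16     # Unix mode, as stored by Info-ZIP-style tools
            executable = bool(mode & 0o111)
            with zf.open(info) as fh:
                head = fh.read(2)
            report.append({"name": info.filename,
                           "executable": executable,
                           "shebang": head == b"#!"})
    return report


def auto_run_candidates(zip_bytes):
    """Names of executable entries without a '#!' line: the case the diary describes."""
    return [e["name"] for e in archive_entries(zip_bytes)
            if e["executable"] and not e["shebang"]]


def build_sample_zip():
    """Constructed test archive: a shebang-less executable, a normal script, and a text file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data, mode in (("payload", b"echo hello\n", 0o100755),
                                 ("tool.sh", b"#!/bin/sh\necho hi\n", 0o100755),
                                 ("readme.txt", b"just text\n", 0o100644)):
            info = zipfile.ZipInfo(name)
            info.external_attr = mode << 16
            zf.writestr(info, data)
    return buf.getvalue()


if __name__ == "__main__":
    print("Open Safe Files enabled:", auto_open_enabled(read_safari_setting()))
    for entry in archive_entries(build_sample_zip()):
        print(entry)
    print("would be auto-run per the diary's description:",
          auto_run_candidates(build_sample_zip()))
```

On a Mac, run it as-is to see the live preference state; elsewhere it reports the default (enabled) and only exercises the archive check. The mode-bit heuristic errs on the side of flagging: a Mach-O binary has the executable bit and no shebang too, which is equally worth a look before an archive is opened automatically.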


