Serious flaw on OS X

December 4, 2008 in Security by Vincent King

Published: 2006-02-21, Last Updated: 2006-02-21 22:15:27 UTC     -     by Kyle Haugsness (Version: 3)

… a serious vulnerability has been found in Apple Safari on OS X.  “In its default configuration shell commands are execute[d] simply by visiting a web site – no user interaction required.”  This could be really bad.  Attackers can run shell scripts on your computer remotely just by visiting a malicious website.

Full text of the article: http://www.heise.de/english/newsticker/news/69862
Proof of concept from the original discoverer (Michael Lehn): http://www.mathematik.uni-ulm.de/~lehn/mac.html

The problem is due to a feature that is activated by default: “Open safe files after downloading”.  A zip file is considered safe, so it is opened automatically.  A shell script inside it with no #! line at the beginning is then executed automatically.  No user interaction!
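As an added defender-side check (not from the ISC diary or from Lehn's proof of concept), here is a small Python routine that inspects a zip archive for the shape of file described above: entries with the Unix executable bit set but no `#!` line. The file names and contents in the sample archive are constructed for the demonstration.

```python
import io
import stat
import zipfile

SHEBANG = b"#!"


def flag_risky_entries(zip_bytes):
    """Return names of zip entries that carry a Unix executable bit but do
    not start with '#!', the shape of file the auto-open feature handed to
    the shell without any prompt.  Added example, not part of the page."""
    risky = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            # Unix mode bits live in the high 16 bits of external_attr.
            mode = (info.external_attr >> 16) & 0xFFFF
            if not mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH):
                continue
            with zf.open(info) as fh:
                head = fh.read(2)
            if head != SHEBANG:
                risky.append(info.filename)
    return risky


def build_sample_zip():
    """Constructed sample archive: one executable with no shebang (flagged),
    one proper script with a shebang, and one plain non-executable file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        def add(name, data, mode):
            zi = zipfile.ZipInfo(name)
            zi.external_attr = (stat.S_IFREG | mode) << 16
            zf.writestr(zi, data)
        add("photo.jpg", b"say hello\n", 0o755)          # flagged
        add("run.sh", b"#!/bin/sh\necho hi\n", 0o755)    # has shebang
        add("README.txt", b"plain text\n", 0o644)        # not executable
    return buf.getvalue()


if __name__ == "__main__":
    print(flag_risky_entries(build_sample_zip()))  # → ['photo.jpg']
```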
