December 4, 2008 in Security by Vincent King
… a serious vulnerability has been found in Apple Safari on OS X. “In its default configuration shell commands are execute[d] simply by visting a web site – no user interaction required.” This could be really bad. Attackers can run shell scripts on your computer remotely just by visiting a malicious website.
Full text of the article: http://www.heise.de/english/newsticker/news/69862
Proof of concept from the original discoverer (Michael Lehn): http://www.mathematik.uni-ulm.de/~lehn/mac.html
The problem is due to a feature that is activated by default: Open Safe Files after downloading. A zip file is considered safe and so they will be opened automatically. Subsequently, a shell script with no #! at the beginning of the script will be executed automatically. No user interaction!
[[T_F]]Digital Content Theft Prevention and Tracing, Downloads and Online Property Protectiontracefusion_signature=c8f36ad8274ee278937df9500cfdad35dd8201b8d3cf235ec531749d95ab140b47e51e656f7c74358edf26377ebfbbfee094757379f7287d93e5e2cad5778b1f2c09b80f570bf58a365db3b2ce1bbca0ede6a973a8c0daf96cdf939753ed06dc88c9c45868ff76c1f1776495167c05536f970646c783bd149745a44b478ebd529caf293cdbacc4b6974e946043bdd73cd71418c97aa7283704045322eb456181b26182b4b2cd203dcc4e6101b1ede0931d9a82ce514e920ffb40753cad9d9211597f1b89d446ebc75d1ab34e4e629b012e0bbf12beca4647b4792e02c12d9dd4e4f66b6e18c5107847026f49470fb4a6928b088e48f74346bc7830a7bad0f3f7ac723f4ad611cc6ca04a56347d66324624fe8fed8cb0a878a603eeeaf6685a7228e6d6d11d1d564fe4bb4b45ef5b519e5d61875e96c5b37f40f14d1e55776b9c36670ae9cac2034c1111445883c62a998aa7c6ce05f0a4395e8009b59984f102bc2f0130198ec0f3dd02b4c91649372b218d836c1a36a19702c6532e95588b89b09395dd80c660c317d123307f95efedfbd9e472550bb9d777c2a2d945ba3368a448c07a39e555afbd359b437cb1c860f188e074922bb4fbe492034073ae37cc60d8d00fd0db4d69332a4f69332b84[[T_F]]
Tags: Default Configuration, Discoverer, Os X, Shell Commands, Shell Script, Shell Scripts, Vulnerability
