December 4, 2008 in Security by Vincent King
… a serious vulnerability has been found in Apple Safari on OS X. “In its default configuration shell commands are execute[d] simply by visting a web site – no user interaction required.” This could be really bad. Attackers can run shell scripts on your computer remotely just by visiting a malicious website.
Full text of the article: http://www.heise.de/english/newsticker/news/69862
Proof of concept from the original discoverer (Michael Lehn): http://www.mathematik.uni-ulm.de/~lehn/mac.html
The problem is due to a feature that is activated by default: Open Safe Files after downloading. A zip file is considered safe and so they will be opened automatically. Subsequently, a shell script with no #! at the beginning of the script will be executed automatically. No user interaction!
[[T_F]]Digital Content Theft Prevention and Tracing, Downloads and Online Property Protectiontracefusion_signature=f25d58d730047dc6e460d7014ced532cd8f7368a5fd1a799548e8c78fce3bc3395c4b90481880c2cf15da52d8969ebc9467c4c8f8acda208ffc4c6d35cbdb125163382156d31cfb10c678988f421869ad7dc934992fae1c356fda92c85f82f9b33b1aa92f3dfcfa1c0cceb08ac463f6955ad3c7cfdb9872ead7f9e717db48768a695a2a85be1011d95e3952820df45ff05f536026e99d634f13124188ae168505ca8509d1c83783f4323aa36eec0c675437e839a74beb5c17a4f0697a7a82b634521b3ee7cd1fd672089747458a13b14319d2884f07c7d8e43147756a0f8dc444c115422ff2a4255b7abe26bd2c5a7e162563a4033c686d97531b8c91fb94dc69591461fd3ae74789617d1f564d196d0fd5a5e82a5263c27e28c5ca5c130a1e32189495666674b2d80ff3f05af7f546b67940f684904dfef11d7266b47cfbc66cb8e39b5391a1f22565703701d0ab87438bc44025df753f886723fdebe55b2997042a1b32a5efd8f6299fe23d621c000aa6a847235e711f081a4fb956612d25c14d5475001a800f5c478fc6bebaac9098ac40f74979681edca6270987a06a3530065a4b17512a6c49509677f1d9068bd634b5e1744052ba4a8393aa812cdf65ae2d062c90b18eb782f15eb782edf[[T_F]]
Tags: Default Configuration, Discoverer, Os X, Shell Commands, Shell Script, Shell Scripts, Vulnerability
