December 4, 2008 in Security by Vincent King
… a serious vulnerability has been found in Apple Safari on OS X. “In its default configuration shell commands are execute[d] simply by visiting a web site – no user interaction required.” This could be really bad. Attackers can run shell scripts on your computer remotely just by getting you to visit a malicious website.
Full text of the article: http://www.heise.de/english/newsticker/news/69862
Proof of concept from the original discoverer (Michael Lehn): http://www.mathematik.uni-ulm.de/~lehn/mac.html
The problem is due to a feature that is activated by default: Open Safe Files after downloading. A zip file is considered safe, so it will be opened (extracted) automatically. Subsequently, a shell script with no #! line at the beginning of the file will be executed automatically. No user interaction!
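As an added example (not part of the original post or the proof of concept), the following Python script triages a downloaded zip archive the way a defender might before letting anything auto-open: it lists each entry, whether its stored Unix mode bits mark it executable, and whether it begins with a #! line, flagging the combination the post describes (executable content with no shebang). The sample archive is constructed inline; the function and field names are my own.

```python
import io
import stat
import zipfile

# Constructed sample archive (not from the page): a normal shell script with a
# shebang, an executable file with no shebang, and a plain text file.
def build_sample_zip() -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, mode, data in [
            ("hello.sh", 0o755, b"#!/bin/sh\necho hello\n"),
            ("photo", 0o755, b"echo demo\n"),          # executable, no #! line
            ("readme.txt", 0o644, b"just text\n"),
        ]:
            info = zipfile.ZipInfo(name)
            # zip stores Unix permissions in the high 16 bits of external_attr
            info.external_attr = (stat.S_IFREG | mode) << 16
            zf.writestr(info, data)
    return buf.getvalue()

def triage_zip(zip_bytes: bytes) -> list:
    """Return one record per file entry describing its mode bits and shebang."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            mode = info.external_attr >> 16
            # Caveat: archives built on Windows carry no Unix mode at all, so a
            # zero mode means "unknown", not "harmless".
            executable = bool(mode & 0o111)
            with zf.open(info) as fh:
                head = fh.read(2)
            findings.append({
                "name": info.filename,
                "executable": executable,
                "shebang": head == b"#!",
                # the case from the post: executable payload without a #! line
                "suspicious": executable and head != b"#!",
            })
    return findings

if __name__ == "__main__":
    for f in triage_zip(build_sample_zip()):
        print(f)
```

The only real fix is to turn off the Safari preference itself (Preferences > General > "Open safe files after downloading"); the triage above just shows what such an archive would hand to the system.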
Tags: Default Configuration, Discoverer, Os X, Shell Commands, Shell Script, Shell Scripts, Vulnerability