Serious flaw on OS X

December 4, 2008 in Security by Vincent King

Published: 2006-02-21, Last Updated: 2006-02-21 22:15:27 UTC - by Kyle Haugsness (Version: 3)

… a serious vulnerability has been found in Apple Safari on OS X. “In its default configuration shell commands are execute[d] simply by visiting a web site – no user interaction required.” This could be really bad. An attacker can run shell scripts on your computer remotely as soon as you visit a malicious website.

Full text of the article: http://www.heise.de/english/newsticker/news/69862
Proof of concept from the original discoverer (Michael Lehn): http://www.mathematik.uni-ulm.de/~lehn/mac.html

The problem is due to a feature that is activated by default: Open Safe Files after downloading. A zip file is considered safe, so it will be opened automatically. Subsequently, a shell script with no #! at the beginning of the script will be executed automatically. No user interaction!
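A defensive check for the pattern described above, added here as an example and not taken from the original diary entry or from the discoverer's proof of concept: it triages a downloaded zip before anything opens it and flags members that are plain text with no #! line. It goes slightly beyond the text by also flagging executable text files. The extension list, the function names and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile

# Assumed list of extensions a user would expect to be harmless media or documents.
MEDIA_EXTS = (".jpg", ".jpeg", ".png", ".gif", ".mov", ".mp3", ".pdf")


def is_plain_text(sample: bytes) -> bool:
    """Non-empty and made only of printable ASCII plus tab/newline/CR."""
    return bool(sample) and all(b in (9, 10, 13) or 32 <= b < 127 for b in sample)


def triage_zip(blob: bytes) -> list[tuple[str, str]]:
    """Return (member, reason) pairs for archive members worth a manual look."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as fh:
                head = fh.read(512)
            if not is_plain_text(head):
                continue  # real binary content, e.g. an actual image
            has_shebang = head.startswith(b"#!")
            unix_exec = bool((info.external_attr >> 16) & 0o111)
            if info.filename.lower().endswith(MEDIA_EXTS):
                reason = "plain text behind a media extension"
                reason += " (has #!)" if has_shebang else " (no #! line)"
                findings.append((info.filename, reason))
            elif unix_exec and not has_shebang:
                findings.append((info.filename, "executable text file with no #! line"))
    return findings


def build_sample() -> bytes:
    """Constructed test archive: a binary image, two suspicious members, one plain note."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("photo.png", b"\x89PNG\r\n\x1a\n" + b"\x00" * 32)
        zf.writestr("holiday.jpg", "echo constructed-sample\n")  # harmless placeholder
        zf.writestr("readme.txt", "plain note\n")
        tool = zipfile.ZipInfo("run-me")
        tool.external_attr = 0o755 << 16  # Unix mode bits live in the high 16 bits
        zf.writestr(tool, "echo constructed-sample\n")
    return buf.getvalue()


if __name__ == "__main__":
    for member, reason in triage_zip(build_sample()):
        print(f"{member}: {reason}")
```

A check like this fits a mail or proxy gateway, or a download quarantine folder, where archives can be inspected before any automatic opening takes place.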


