December 4, 2008 in Security by Vincent King
… a serious vulnerability has been found in Apple Safari on OS X. “In its default configuration shell commands are execute[d] simply by visiting a web site – no user interaction required.” This could be really bad. Attackers can run shell scripts on your computer remotely just by visiting a malicious website.
Full text of the article: http://www.heise.de/english/newsticker/news/69862
Proof of concept from the original discoverer (Michael Lehn): http://www.mathematik.uni-ulm.de/~lehn/mac.html
The problem is due to a feature that is activated by default: Open Safe Files after downloading. A zip file is considered safe, so it is opened automatically. Subsequently, a shell script with no #! at the beginning of the script is executed automatically. No user interaction!
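As an added example (not from the post, Heise or Lehn), a small shell audit of the preference behind "Open safe files after downloading": it assumes the setting is stored under the com.apple.Safari preference key AutoOpenSafeDownloads (not named in the post) and that the macOS `defaults` tool is available; a missing key is treated as enabled because that is Safari's default.

```shell
# Added example, not from the post: audit and optionally disable Safari's
# "Open safe files after downloading" preference, which the post identifies
# as the feature that auto-opens downloaded zip files.
# Assumption: the preference is com.apple.Safari AutoOpenSafeDownloads (macOS).
# Return codes: 0 = disabled, 1 = enabled (explicitly or by default),
#               2 = cannot check (`defaults` not found, i.e. not macOS).
safari_auto_open_status() {
    command -v defaults >/dev/null 2>&1 || return 2
    local val
    # A missing key means the user never changed the setting; Safari's default is ON.
    val=$(defaults read com.apple.Safari AutoOpenSafeDownloads 2>/dev/null) || return 1
    case "$val" in
        0|false|FALSE|no|NO) return 0 ;;
        *) return 1 ;;
    esac
}

# Turn the preference off. Safari must be restarted to pick up the change.
safari_auto_open_disable() {
    command -v defaults >/dev/null 2>&1 || return 2
    defaults write com.apple.Safari AutoOpenSafeDownloads -bool false
}

# Human-readable report that propagates the status code for use in scripts.
safari_auto_open_report() {
    safari_auto_open_status
    local rc=$?
    case "$rc" in
        0) echo "Safari auto-open of 'safe' downloads: DISABLED" ;;
        1) echo "Safari auto-open of 'safe' downloads: ENABLED (zip files are opened automatically)" ;;
        2) echo "Cannot check: 'defaults' not found (not running on macOS?)" ;;
    esac
    return "$rc"
}
```

Run `safari_auto_open_report` to see the current state, then `safari_auto_open_disable` to turn the feature off.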
Tags: Default Configuration, Discoverer, Os X, Shell Commands, Shell Script, Shell Scripts, Vulnerability