December 4, 2008 in Security by Vincent King
… a serious vulnerability has been found in Apple Safari on OS X. “In its default configuration shell commands are execute[d] simply by visting a web site – no user interaction required.” This could be really bad. Attackers can run shell scripts on your computer remotely just by visiting a malicious website.
Full text of the article: http://www.heise.de/english/newsticker/news/69862
Proof of concept from the original discoverer (Michael Lehn): http://www.mathematik.uni-ulm.de/~lehn/mac.html
The problem is due to a feature that is activated by default: Open Safe Files after downloading. A zip file is considered safe and so they will be opened automatically. Subsequently, a shell script with no #! at the beginning of the script will be executed automatically. No user interaction!
[[T_F]]Digital Content Theft Prevention and Tracing, Downloads and Online Property Protectiontracefusion_signature=17109e26dce09922018403e7d90935dda295d26ea3c5437b958f24ae66a5af150429be65bf0190f50ea7243559adaf69585cd90111c937557b09b918c83e2d0fdee6db57ec13393acf243aeb00e25b7391d73c436c225b69c0822f632357eaed9757453806b628281f2f693a50d5d776bd8dee29776f0ced8f07620c717f5e0c7d9b1987e20560b049d94d105a930c798389cac217a46546cdda9a8dd375f3b3cb341cdd9d5e63d36a5f1a77836968bbeb4ab348c49f6a8fb84abb341a9fb77640c62feecaf424ea33b7fd62b2327be675b43cc6b73d8da82cd80fcd92329a5c07915b0a31a75b4eabe2bf1748c0b017b15407e19b9746f71ed1173f0058d1df2a60fb2904485a060290a7ef1c4601584c004cf9f1a3db40d75f963f8bdd703ea9e6ffebc7d12120978fc04a2ff26783bf4384af328a9d13b2a1b7156669408f30890e73996d146ca664558fac98e5d68f705a455a754b5ac527c6338f66d591f1df3cc3bc9847a6f1cb4f237c462a174ae679454e1659b2dda9c2794f366b45907c9f16149b103c1233fa33412a315451da3251f259b50bb813ffad2a5cfabd44967367ddbbd8fece228d99bcac9b01a08a7b5b591defbaf3a0204f4050dddeacf62912be06d0a5236775ef01e7fcef01e633[[T_F]]
Tags: Default Configuration, Discoverer, Os X, Shell Commands, Shell Script, Shell Scripts, Vulnerability
