December 4, 2008 in Security by Vincent King
… a serious vulnerability has been found in Apple Safari on OS X. “In its default configuration shell commands are execute[d] simply by visiting a web site – no user interaction required.” That is about as bad as a browser bug gets: an attacker who can get you to load a page they control gets to run a shell script on your machine, with no prompt and no click.
Full text of the article: http://www.heise.de/english/newsticker/news/69862
Proof of concept from the original discoverer (Michael Lehn): http://www.mathematik.uni-ulm.de/~lehn/mac.html
The root cause is a Safari feature that is switched on by default: “Open ‘safe’ files after downloading.” A zip archive counts as a safe file, so Safari unpacks it as soon as the download finishes, and a shell script inside it that has no #! line at the top is then executed without any user interaction at all. Until a fix ships, the practical mitigation is to untick that option in Safari's General preferences, which stops downloaded files from being opened automatically in the first place.
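As an added example (not from the original post or the heise article), the script below audits the preference behind this issue and looks in a downloads folder for the kind of file the post describes. It assumes the preference key `AutoOpenSafeDownloads` in the `com.apple.Safari` domain as read and written by `defaults`; the headerless-script scan is a rough content heuristic of my own, not something Safari itself performs.

```shell
#!/bin/sh
# Added example: check (and optionally disable) Safari's automatic opening of
# "safe" downloads, and flag shebang-less scripts sitting in a download folder.
# Assumption: the setting lives at com.apple.Safari / AutoOpenSafeDownloads.

# Interpret the raw value returned by
#   defaults read com.apple.Safari AutoOpenSafeDownloads
# An unset key (empty string) means Safari uses its default, which the post
# describes as enabled, so anything other than an explicit "off" is "enabled".
auto_open_state() {
    case "$1" in
        0|false|FALSE|no|NO) echo disabled ;;
        *)                   echo enabled ;;
    esac
}

# Return 0 when the first two bytes of a file are "#!", 1 otherwise
# (a missing or empty file also counts as having no shebang).
has_shebang() {
    [ "$(head -c 2 "$1" 2>/dev/null)" = "#!" ]
}

# Print regular files under a directory that have no shebang but still start
# a line with a common shell command. This is a crude indicator of the trick
# the post describes (a script with no #! line), not a reliable detector.
find_headerless_scripts() {
    dir="$1"
    find "$dir" -type f 2>/dev/null | while IFS= read -r f; do
        if ! has_shebang "$f" \
           && grep -qE '(^|[;&| ])(sh|bash|curl|rm|osascript|open)( |$)' "$f" 2>/dev/null; then
            printf '%s\n' "$f"
        fi
    done
}

# On macOS, report the live setting; with --fix, turn it off. On systems
# without `defaults` this part is skipped so the functions can be reused.
if command -v defaults >/dev/null 2>&1; then
    raw="$(defaults read com.apple.Safari AutoOpenSafeDownloads 2>/dev/null || true)"
    printf 'Safari "Open safe files after downloading": %s\n' "$(auto_open_state "$raw")"
    if [ "${1:-}" = "--fix" ]; then
        defaults write com.apple.Safari AutoOpenSafeDownloads -bool false
        echo "Disabled; restart Safari for the change to take effect."
    fi
    find_headerless_scripts "$HOME/Downloads"
fi
```

Run it as `sh safari_audit.sh` to see the current state and any suspicious files in `~/Downloads`, or `sh safari_audit.sh --fix` to disable the setting; treating a missing key as "enabled" is deliberate, because the post's whole point is that the default configuration is the vulnerable one.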
Tags: Default Configuration, Discoverer, Os X, Shell Commands, Shell Script, Shell Scripts, Vulnerability