December 4, 2008 in Security by Vincent King
… a serious vulnerability has been found in Apple Safari on OS X. “In its default configuration shell commands are execute[d] simply by visiting a web site – no user interaction required.” This could be really bad: an attacker can run shell commands on your computer remotely just by getting you to visit a malicious website.
Full text of the article: http://www.heise.de/english/newsticker/news/69862
Proof of concept from the original discoverer (Michael Lehn): http://www.mathematik.uni-ulm.de/~lehn/mac.html
The problem is due to a feature that is activated by default: "Open safe files after downloading". A zip file is considered safe, so it is expanded automatically after download. If the archive contains a shell script with no #! line at the top, that script is then executed automatically. No user interaction!
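The mitigation the post implies is turning that default off. The following audit script is an added example, not code from the post or from the discoverer; it assumes the Safari preference key `com.apple.Safari AutoOpenSafeDownloads` (not named in the post) and a macOS host with the `defaults` tool, while the classification helper runs anywhere.

```shell
#!/bin/sh
# Added example: audit and disable Safari's "Open safe files after downloading"
# preference, the default that lets an auto-expanded zip hand a script to the
# system without a click. Assumes the preference key
# com.apple.Safari AutoOpenSafeDownloads (an assumption; the post does not name it).

# Map the raw value printed by `defaults read` to a status word.
# Apple ships the feature enabled, so an absent key (empty value)
# is treated as "enabled", i.e. the unsafe state.
classify_auto_open() {
  case "$1" in
    0|false|NO)    echo "disabled" ;;
    1|true|YES|"") echo "enabled"  ;;
    *)             echo "unknown"  ;;
  esac
}

# Read the live value on a Mac; prints "" when the key has never been set.
read_auto_open() {
  defaults read com.apple.Safari AutoOpenSafeDownloads 2>/dev/null || echo ""
}

# Turn the feature off. Safari must be restarted to pick up the change.
disable_auto_open() {
  defaults write com.apple.Safari AutoOpenSafeDownloads -bool false
}

# Report the current state and remediate if it is not already disabled.
# Returns 0 when already safe, 1 when it had to remediate, 2 when not on macOS.
audit_safari() {
  if ! command -v defaults >/dev/null 2>&1; then
    echo "defaults(1) not found: not a macOS host, nothing to audit" >&2
    return 2
  fi
  status=$(classify_auto_open "$(read_auto_open)")
  echo "AutoOpenSafeDownloads: $status"
  if [ "$status" != "disabled" ]; then
    echo "remediating: disabling automatic opening of 'safe' downloads"
    disable_auto_open
    return 1
  fi
  return 0
}

# Run the audit only when explicitly requested, so the file can also be sourced.
if [ "${RUN_SAFARI_AUDIT:-0}" = 1 ]; then
  audit_safari
fi
```

Run it with `RUN_SAFARI_AUDIT=1 sh safari_audit.sh` on the Mac being checked; the exit code (0, 1 or 2) makes it usable from a fleet-wide compliance check.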
Tags: Default Configuration, Discoverer, Os X, Shell Commands, Shell Script, Shell Scripts, Vulnerability