Serious flaw on OS X

December 4, 2008 in Security by Vincent King

Published: 2006-02-21, Last Updated: 2006-02-21 22:15:27 UTC - by Kyle Haugsness (Version: 3)

… a serious vulnerability has been found in Apple Safari on OS X. “In its default configuration shell commands are execute[d] simply by visiting a web site – no user interaction required.” This could be really bad. An attacker can run shell scripts on your computer remotely if you merely visit a malicious website.

Full text of the article: http://www.heise.de/english/newsticker/news/69862
Proof of concept from the original discoverer (Michael Lehn): http://www.mathematik.uni-ulm.de/~lehn/mac.html

The problem is due to a feature that is activated by default: "Open Safe Files after downloading". A zip file is considered safe, so it will be opened automatically. Subsequently, a shell script with no #! at the beginning of the script will be executed automatically. No user interaction!
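
As an added example (not from the diary entry or the original discoverer), here is a triage script a defender could run over downloaded zip archives. It flags members whose name claims a media or document type while the content does not match that type, and reports when the content is plain text with no #! line, which is the kind of file described above. The magic-number table, the function names and the sample archive are assumptions of this example, and the check covers any extension/content mismatch rather than only scripts.

```python
import codecs
import io
import zipfile

# Assumption: magic numbers for a few types a browser may treat as "safe".
MAGIC = {
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
    "pdf": (b"%PDF-",),
}

def classify(head: bytes) -> str:
    """Label the first bytes of a member: empty, shebang script, bare text, or binary."""
    if not head:
        return "empty"
    if head.startswith(b"#!"):
        return "script with #!"
    try:
        # Incremental decode tolerates a multi-byte character cut off at the end.
        text = codecs.getincrementaldecoder("utf-8")().decode(head, final=False)
    except UnicodeDecodeError:
        return "binary"
    if all(c.isprintable() or c in "\r\n\t" for c in text):
        return "text without #!"
    return "binary"

def audit_zip(blob: bytes) -> list:
    """Return (name, reason) for members whose content contradicts their extension."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        for info in zf.infolist():
            ext = info.filename.rpartition(".")[2].lower()
            if info.is_dir() or ext not in MAGIC:
                continue
            with zf.open(info) as fh:
                head = fh.read(512)
            if not head.startswith(MAGIC[ext]):
                findings.append((info.filename, f".{ext} name, content is {classify(head)}"))
    return findings

def sample_archive() -> bytes:
    """Constructed sample: one real-looking JPEG header, one disguised text file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("photo.jpg", b"\xff\xd8\xff\xe0\x00\x10JFIF\x00")
        zf.writestr("holiday.jpg", b"echo constructed sample, no interpreter line\n")
        zf.writestr("notes.txt", b"plain notes\n")
    return buf.getvalue()
```

Calling audit_zip(sample_archive()) reports only holiday.jpg; photo.jpg matches its magic number and notes.txt makes no claim to be a binary type.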


