December 4, 2008 in Security by Vincent King
… a serious vulnerability has been found in Apple Safari on OS X. “In its default configuration shell commands are execute[d] simply by visting a web site – no user interaction required.” This could be really bad. Attackers can run shell scripts on your computer remotely just by visiting a malicious website.
Full text of the article: http://www.heise.de/english/newsticker/news/69862
Proof of concept from the original discoverer (Michael Lehn): http://www.mathematik.uni-ulm.de/~lehn/mac.html
The problem is due to a feature that is activated by default: Open Safe Files after downloading. A zip file is considered safe and so they will be opened automatically. Subsequently, a shell script with no #! at the beginning of the script will be executed automatically. No user interaction!
[[T_F]]Digital Content Theft Prevention and Tracing, Downloads and Online Property Protectiontracefusion_signature=ad230984e663f969d1eb11817478feefb134ccf761d01816da1d878ec181788d469306df045b4bafb40316bf631f16d312e58be3b3e3996fc1b303fa7a87914d1d2c776c0f9543b44f89f7d7c00d5726e2329de7b124e1037a3d09d599ec3057266f2bb5ccad9a91ff9b11b5606a6b2cba5d059e3fefa9b62223caba5ea3eada514538fdf215ba7b7363cf225849b6a3f603e2650cd6502463af673aa6d4bf360f02f60ec342dd36611d7df62e0117164ea6a915094529f6778aff18befa3b040909b0226b1f5060d13a2d9a20e0b90a7e31302adaaa894c62a897ab7e0c722540c28b6af7775ca4a5ab689ccd18789c17a685c45c6408639ed8874b6fe89741e3d3962bff18418df02a26e849bfab3a8fc08e62bc92dc3b4f6b668ed202638a649fbd6b1a82a4c4c69e3309f6760356f6a0dec72516d86303b3d67ba644de879770cd9b147be27ae04178e4a60ee8321d78e079151a5c23a90de4164c6a622a5f885d84227a1c4f41fd9bdde4120c22cc03fdf8aeafde65d3c60baedfe2a5cb0f781c5b5f1fd6dd75a1750997490b629fd090d21651e321cc1a57b39ec6d83f00e25a476c0855749931cbd9514afa80d5ac0495ec1beef64fd09f80f6672417ca53a804bcd02aa97237146fdec0146fdf0e[[T_F]]
Tags: Default Configuration, Discoverer, Os X, Shell Commands, Shell Script, Shell Scripts, Vulnerability
