Serious flaw on OS X

December 4, 2008 in Security by Vincent King

Published: 2006-02-21, Last Updated: 2006-02-21 22:15:27 UTC - by Kyle Haugsness (Version: 3)

… a serious vulnerability has been found in Apple Safari on OS X. “In its default configuration shell commands are execute[d] simply by visiting a web site – no user interaction required.” This could be really bad. Attackers can run shell scripts on your computer remotely as soon as you visit a malicious website.

Full text of the article: http://www.heise.de/english/newsticker/news/69862
Proof of concept from the original discoverer (Michael Lehn): http://www.mathematik.uni-ulm.de/~lehn/mac.html

The problem is due to a feature that is activated by default: Open Safe Files after downloading. ZIP files are considered safe, so they are opened automatically. Subsequently, a shell script with no #! at the beginning of the script will be executed automatically. No user interaction!
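A defensive triage check for the condition described above, as an added example that is not from the original post or the advisory: it lists members of a downloaded ZIP that read as shell commands but have no #! first line. The SHELL_WORDS heuristic, the function names and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile

# Assumption of this example: words that commonly start a line of shell commands.
SHELL_WORDS = {"echo", "cd", "rm", "curl", "open", "osascript",
               "sh", "bash", "chmod", "mv", "cp"}


def shebangless_scripts(zip_bytes, sample=4096):
    """Return names of ZIP members that look like shell scripts but lack '#!'."""
    flagged = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as fh:
                head = fh.read(sample)
            # A '#!' script is handled by its named interpreter; skip it here.
            # Empty members and members containing NUL bytes are treated as non-text.
            if not head or head.startswith(b"#!") or b"\x00" in head:
                continue
            text = head.decode("utf-8", errors="replace")
            first_words = [ln.split()[0] for ln in text.splitlines() if ln.split()]
            if any(word in SHELL_WORDS for word in first_words):
                flagged.append(info.filename)
    return flagged


def build_sample_zip():
    """Constructed sample: a benign shebang-less script, a normal script, a binary, a note."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("sample_commands", "echo constructed-sample\n")
        zf.writestr("install.sh", "#!/bin/sh\necho ok\n")
        zf.writestr("logo.png", b"\x89PNG\r\n\x1a\n\x00\x00\x00\rIHDR")
        zf.writestr("README.txt", "Plain notes, nothing to run.\n")
    return buf.getvalue()


if __name__ == "__main__":
    for name in shebangless_scripts(build_sample_zip()):
        print("review before opening:", name)
```

Turning off the Open Safe Files after downloading feature in Safari removes the automatic-open step that this check compensates for.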


