December 4, 2008 in Security by Vincent King
… a serious vulnerability has been found in Apple Safari on OS X. “In its default configuration shell commands are execute[d] simply by visiting a web site – no user interaction required.” This could be really bad: an attacker can run shell scripts on your computer remotely if you merely visit a malicious website.
Full text of the article: http://www.heise.de/english/newsticker/news/69862
Proof of concept from the original discoverer (Michael Lehn): http://www.mathematik.uni-ulm.de/~lehn/mac.html
The problem is due to a feature that is activated by default: Open Safe Files after downloading. ZIP files are considered safe, so they are opened automatically. Subsequently, a shell script that has no #! at its beginning is executed automatically. No user interaction!
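Since the exposure comes from a default setting, the practical check is whether that setting is still on. The following is an added example, not code from the original post or from Apple; it assumes the checkbox is stored as the `AutoOpenSafeDownloads` key in the `com.apple.Safari` preferences domain, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit and disable Safari's auto-open of "safe" downloads.
# Assumption: the checkbox is stored as AutoOpenSafeDownloads in the
# com.apple.Safari preferences domain of the current user.

DOMAIN="com.apple.Safari"
KEY="AutoOpenSafeDownloads"

# Print "enabled" or "disabled" for the current user.
# A missing key means the user never changed the setting, so the
# default described above (auto-open on) is in effect.
autoopen_state() {
    value=$(defaults read "$DOMAIN" "$KEY" 2>/dev/null) || { echo enabled; return 0; }
    case "$value" in
        0|NO|no|false|FALSE) echo disabled ;;
        *)                   echo enabled ;;
    esac
}

# Turn the feature off and confirm the write took effect.
# Returns 0 only if the setting reads back as disabled.
autoopen_disable() {
    defaults write "$DOMAIN" "$KEY" -bool false || return 1
    [ "$(autoopen_state)" = "disabled" ]
}

# Report the state, fix it if needed, return non-zero if the fix failed.
autoopen_audit() {
    if [ "$(autoopen_state)" = "disabled" ]; then
        echo "ok: Safari does not auto-open downloads"
        return 0
    fi
    echo "warn: Safari auto-opens 'safe' downloads; disabling"
    if autoopen_disable; then
        echo "fixed: setting is now off"
        return 0
    fi
    echo "error: could not disable the setting" >&2
    return 1
}

# On a Mac, call: autoopen_audit   (then restart Safari)
```

The same setting can be changed by hand in Safari's preferences by unchecking the option named above.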
Tags: Default Configuration, Discoverer, Os X, Shell Commands, Shell Script, Shell Scripts, Vulnerability