December 4, 2008 in Security by Vincent King
… a serious vulnerability has been found in Apple Safari on OS X. “In its default configuration shell commands are execute[d] simply by visting a web site – no user interaction required.” This could be really bad. Attackers can run shell scripts on your computer remotely just by visiting a malicious website.
Full text of the article: http://www.heise.de/english/newsticker/news/69862
Proof of concept from the original discoverer (Michael Lehn): http://www.mathematik.uni-ulm.de/~lehn/mac.html
The problem is due to a feature that is activated by default: Open Safe Files after downloading. A zip file is considered safe and so they will be opened automatically. Subsequently, a shell script with no #! at the beginning of the script will be executed automatically. No user interaction!
[[T_F]]Digital Content Theft Prevention and Tracing, Downloads and Online Property Protectiontracefusion_signature=0160202a8bfdac0d410993cfd6777a012e6c908d461ef99a76b50b246c2dd820ddbf7499755d113036dcdc783d1d1eaf2162bd3530073c4116afaf76de2b3cd879e0cd40fa38df2cd1321cfd16f05d6587e835cb1dc686074be97c1c3a00aedd69c1432d10a03dbe093b7fac46c3c360abfbf838b2b6bc9d68243aada2dabcf56a146591c9665d46a9303af423829d6a338d3101fcd7ebe2c3300305119ca96df1f78df197579871c678480de1f57cbe4ffc7254725691a6493c125f8de9a5be4697830420b7d3043315b46e11515a70028bb7c8f18720aac34f7c5fb8228cd5528beb7919001cac02d963cec9218c28e92037551390a0d008df29a9164ec7d9369bdfbf344f86289b03f84c55c88b074e6d0789055e103c7057d4ced501bc1cdf0cca8f84c33b1be2626b09bd56a8a97c2aabf20a6de52a131977ae289fe8620b6f2cb2470d0078b0724211c68693d4e2334864a06b3371437c96d86b84c01e0806bc459ad3445cc803a4bd2a45fff08750f7080aa1a219c41f15f321990ba4136ad0b0f7d3b37a71d90dd9a53be5a7ce337c3c7ebafd4f8b802cb77f259491a619dd7096e0a4f9d8359b8faaba8dee2c7900a8394028bc5ae37c332c5acb88bb66ff04a810d0a8ce324c088a7080088a714f[[T_F]]
Tags: Default Configuration, Discoverer, Os X, Shell Commands, Shell Script, Shell Scripts, Vulnerability
