Serious flaw on OS X

December 4, 2008 in Security by Vincent King

Published: 2006-02-21, Last Updated: 2006-02-21 22:15:27 UTC     -     by Kyle Haugsness (Version: 3)

… a serious vulnerability has been found in Apple Safari on OS X. “In its default configuration shell commands are execute[d] simply by visiting a web site – no user interaction required.” This could be really bad. Attackers can run shell scripts on your computer remotely if you merely visit a malicious website.

Full text of the article: http://www.heise.de/english/newsticker/news/69862
Proof of concept from the original discoverer (Michael Lehn): http://www.mathematik.uni-ulm.de/~lehn/mac.html

The problem is due to a feature that is activated by default: "Open Safe Files after downloading". Zip files are considered safe, so they are opened automatically. Subsequently, a shell script with no #! at the beginning of the script will be executed automatically. No user interaction!
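As a defensive illustration of the mismatch described above (an added example, not code from this post or from the original discoverer), the following scanner lists zip members whose name claims a media type but whose content is something else, and notes when that content is plain text with no #! line. The extension and magic-byte table, the ASCII text heuristic and the sample archive are assumptions constructed for this example.

```python
import io
import os
import zipfile

# Assumption (not from the post): a small table of "safe" media extensions
# and the magic bytes that genuine content of that type starts with.
MAGIC = {
    ".jpg": (b"\xff\xd8\xff",), ".jpeg": (b"\xff\xd8\xff",),
    ".png": (b"\x89PNG\r\n\x1a\n",), ".gif": (b"GIF87a", b"GIF89a"),
    ".pdf": (b"%PDF-",),
}
# Printable ASCII plus tab, LF and CR: a simple "looks like a text file" test.
TEXT_BYTES = set(range(0x20, 0x7F)) | {0x09, 0x0A, 0x0D}

def classify(head):
    """Describe content that failed the magic-byte check for its extension."""
    if head and all(b in TEXT_BYTES for b in head):
        return "text with #!" if head.startswith(b"#!") else "text without #!"
    return "content does not match extension"

def scan_zip(data):
    """Return (member name, reason) for members whose content belies their extension."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            ext = os.path.splitext(info.filename)[1].lower()
            magics = MAGIC.get(ext)
            if magics is None:
                continue  # extension not in the table: out of scope for this check
            with zf.open(info) as fh:
                head = fh.read(512)  # the first bytes are enough for both checks
            if not head.startswith(magics):
                findings.append((info.filename, classify(head)))
    return findings

def build_sample():
    """Constructed sample: a JPEG-like member, a text file named .jpg, a .txt file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("holiday.jpg", b"\xff\xd8\xff\xe0" + b"\x00" * 16)
        zf.writestr("picture.jpg", b"echo constructed sample\n")
        zf.writestr("notes.txt", b"plain notes\n")
    return buf.getvalue()

if __name__ == "__main__":
    for name, reason in scan_zip(build_sample()):
        print(f"{name}: {reason}")
```

A mail or web gateway could run a check like this on downloaded archives before they reach a client that opens them automatically; the table would need extending to every type the client treats as safe.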


