Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Serious flaw on OS X in Apple Safari - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Serious flaw on OS X in Apple Safari
We received notice from Juergen Schmidt, editor-in-chief at heise.de, that a serious vulnerability has been found in Apple Safari on OS X.  "In its default configuration shell commands are execute[d] simply by visting a web site - no user interaction required."  This could be really bad.  Attackers can run shell scripts on your computer remotely just by visiting a malicious website.

Full text of the article: http://www.heise.de/english/newsticker/news/69862
Proof of concept from the original discoverer (Michael Lehn): http://www.mathematik.uni-ulm.de/~lehn/mac.html

The problem is due to a feature that is activated by default: Open Safe Files after downloading.  A zip file is considered safe and so they will be opened automatically.  Subsequently, a shell script with no #! at the beginning of the script will be executed automatically.  No user interaction!

Recommended action: disable the option "Open 'safe' files after downloading" in the "General" preferences section in Safari.


Kyle

112 Posts

Sign Up for Free or Log In to start participating in the conversation!