Mac OS X vulnerability allows execution of malicious code
Written by Ken Edwards
Published May 20, 2004

In what is being described as a "highly critical" vulnerability, security firm Secunia on Monday issued an advisory to all Mac OS X users that surf the Web with Microsoft's Internet Explorer or Apple's Safari Web browsers...

The result of the vulnerability, which has been confirmed using Safari 1.2.1 (v125.1) and Internet Explorer 5.2, is that it is "possible to place arbitrary files in a known location, including script files, on a user's system if the Safari browser has been configured to ("Open "safe" files after download") (default behavior) by asking a user to download a ".dmg" (disk image) file."

Source: MacCentral


Um, yea. This "flaw" has been known for a while now folks. Apple should have fixed this in February. Why didn't they? Good question.

New information found here. Many other related links are found at that article.

Basically you should get More Internet, something I have installed already. More Internet is a fix for the flaw, but Apple needs to patch the Terminal vulnerability. This is not, by the way, the first time a security hole has been found to gain access to the Terminal with more privileges then you should have. This one just has not been fixed yet.

There is an AppleScript inside the Help Viewer package that is the root of this vulnerability. This is the first OS X vulnerability I am worried about. But there is a temporary fix, and I hope Apple makes an "official" patch soon.

"rm -rf" cannot be used because the string command will not accept spaces. At least it has not been figured out yet.

Two examples of what can be done with this vulnerability:

The first uses a meta refresh to cause you to download and mount a .dmg file. The second uses this technique to launch an executable in the mounted volume. This could be used by AOL and other vermin to automatically install a "Free Trial of..." from a pop-up. That is nasty.

Originally posted at Breaking Windows.

Ken Edwards is the Gaming Editor at Blogcritics, and calls Breaking Windows home. Ken works part time for Student Publications at BGSU as the Webmaster and System Administrator. He is also a freelance web developer.

Keep reading for information and comments on this article, and add some feedback of your own!
Mac OS X vulnerability allows execution of malicious code
Published: May 20, 2004
Type:
Section: Sci/Tech
Filed Under: Sci/Tech: Software, Sci/Tech: Internet
Writer: Ken Edwards
Ken Edwards's BC Writer page
Ken Edwards's personal site
Spread the Word
Like this article?
Email this
Submit to del.icio.us Save to del.icio.us
RSS Feeds
All RSS Feeds (240+)
Comments on this article
BC articles by Ken Edwards
Sci/Tech: Software
Sci/Tech: Internet
All Sci/Tech Articles
Ken Edwards's personal weblog
All BC articles
All BC Comments

Comments

#1 — May 21, 2004 @ 11:42AM — Hal Pawluk [URL]

Basically you should get More Internet, something I have installed already. More Internet is a fix for the flaw

I installed it but don't see any fix. How is it suposed tohelp?

#2 — May 21, 2004 @ 13:25PM — Ken Edwards [URL]

Sorry, the instructions were on the page I linked to.

Open More Internet

Find the "help" entry

Select Change, and select a different app, the link I added suggests Chess.

Your all set!

#3 — May 21, 2004 @ 13:48PM — Hal Pawluk [URL]

Got it (now) - thanks.

Want comments emailed to you? No spam, promise! Address:

Add your comment, speak your mind

(Or ping: http://blogcritics.org/mt/tb/15812)

Personal attacks are not allowed. Please read our comment policy.





Remember Name/URL?

Please preview your comment!

Fresh
Articles
Fresh
Comments