funsec mailing list archives
Mac OS X "__MACOSX" ZIP Archive Shell Script Execution
From: "Fergie" <fergdawg () netzero net>
Date: Tue, 21 Feb 2006 15:57:59 GMT
Just in case anyone was curious what became of this:

[snip]

Michael Lehn has discovered a vulnerability in Mac OS X, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error in the processing of file association meta data (stored in the "__MACOSX" folder) in ZIP archives. This can be exploited to trick users into executing a malicious shell script renamed to a safe file extension stored in a ZIP archive.

This can also be exploited automatically via the Safari browser when visiting a malicious web site.

Secunia has constructed a test, which can be used to check if your system is affected by this issue:
http://secunia.com/mac_os_x_command_execution_vulnerability_test/

The vulnerability has been confirmed on a fully patched system with Safari 2.0.3 (417.8) and Mac OS X 10.4.5.

[snip]

More: http://secunia.com/advisories/18963/

- ferg

--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg () netzero net or fergdawg () sbcglobal net
ferg's tech blog: http://fergdawg.blogspot.com/

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.