Release DateDec 30, 2011 |
Severitymedium |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attempt to exploit an Arbitrary Command Execution vulnerability in Mac OS X.The "Open 'safe' files after downloading" option in Safari on Apple Mac OS X allows remote attackers to execute arbitrary commands. This can be done by tricking a user into downloading a "__MACOSX" folder that contains metadata (a resource fork) that invokes the terminal. The terminal automatically interprets the associated script using the "bash" shell. For example, if a ZIP file that contains a script with a safe file extension is downloaded, the script will be executed. The script commands are executed in the context of the user opening the archive file. |
Affected ProductsApple Mac OS X Server 10.4.5Apple Mac OS X Server 10.3.9 Apple Mac OS X 10.4.5 Apple Mac OS X 10.3.9 |
Recommended ActionsApple has released security advisory APPLE-SA-2006-03-01 and APPLE-SA-2006-03-13 to address this issue. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2006-0848 |
Reference/shttp://docs.info.apple.com/article.html?artnum=303453http://www.kb.cert.org/vuls/id/999708 http://www.securityfocus.com/bid/16736 (BugTraq) |
