[Full-Disclosure] remotely triggered program execution on MacOS-X Jaguar
- To: full-disclosure@lists.netsys.com
- Subject: [Full-Disclosure] remotely triggered program execution on MacOS-X Jaguar
- From: Kai Kretschmann <security@security-gui.de>
- Date: Thu, 30 Oct 2003 07:53:25 +0100
Problem: remotely triggered program execution on MacOS-X Jaguar
While surfing with the Mac version of IE 5.2 we reached an IIS-driven
webserver.
One download link ending with ".asp" saved the link as a local ".asp"
file and started the local program "AppleSystemProfiler", which seemed
to be trying to read the data.
I think it might be possible to force this behavior by targeting the Mac
users community to one download link ending with .asp and modifying the
file in such a way that the SystemProfiler might run any
heap/stack/buffer overflow.
Has anyone tried it already?
--
Kai Kretschmann
www.security-gui.de
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html