Open Source and information security mailing list archives
Message-ID: <3FA0B565.6040009@security-gui.de>
From: security at security-gui.de (Kai Kretschmann)
Subject: remotely triggered program execution on MacOS-X Jaguar

Problem: remotely triggered program execution on MacOS-X Jaguar

While surfing with the Mac version of IE 5.2 we reached an IIS driven webserver. One download link ending with ".asp" saved the link as a local ".asp" file and started the local program "AppleSystemProfiler", which seemed to be trying to read the data.

I think it might be possible to force this behavior by targeting the Mac users community to one download link ending with .asp and modifying the file in such a way the SystemProfiler might run any heap/stack/buffer overflow.

Anyone tried it already?

--
Kai Kretschmann
www.security-gui.de