https://www.exploit-db.com/exploits/21815
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200212-702

MacOSX是由Apple公司开发和维护的基于BSD的操作系统。MacOSX由于没有正确检查部分连接类型的内容，本地攻击者可以利用这个漏洞进行权限提升。MacOSX中的部分类型连接，当点击的时候，可以导致任意命令执行，由于不正确处理部分连接数据，攻击者可以构建包含特殊字符如”|”和嵌入系统命令的连接，当特权用户点击这个连接的时候，可导致连接中包含的命令在terminal.app窗口中执行，攻击者可以结合各种命令获得权限提升。

source: http://www.securityfocus.com/bid/5768/info

Mac OS X is the BSD-based operating system distributed and maintained by Apple.

It has been discovered that some types of links, when clicked on, may result in the execution of arbitrary commands. Due to the improper handling of some links, a user clicking on a link containing special characters and embedded commands could cause the execution of the commands in the link to be carried out in a terminal.app window. These commands would be executed in the security context of the user.

telnet://|ls -la

来源:BID
名称:5768
链接:http://www.securityfocus.com/bid/5768
来源:XF
名称:macos-terminal-url-link(10156)
链接:http://www.iss.net/security_center/static/10156.php
来源:APPLE
名称:2002-09-20
链接:http://lists.apple.com/archives/security-announce/2002/Sep/msg00001.html
来源:apple.slashdot.org
链接:http://apple.slashdot.org/apple/02/09/21/122236.shtml?tid=172
来源：NSFOCUS
名称：3585
链接：http://www.nsfocus.net/vulndb/3585