Filed under: Internet, Leopard
Security company discloses iCal vulnerabilities
Core Security, in an advisory that showed a contentious argument with Apple, disclosed three iCal bugs that attackers could exploit using malicious servers, web sites, and .ics email attachments.
"The vulnerabilities may allow un-authenticated attackers to execute arbitrary code on vulnerable systems with (and potentially without) the assistance from the end user of the application or to repeatedly execute a denial of service attack to crash the iCal application," said Core Security.
The advisory states that iCal 3.01 running on Mac OS X 10.5.1 is still vulnerable, but it's unclear if the latest version of both iCal and Mac OS X (3.02 and 10.5.2, respectively) fix the problems. Apple asked Core Security to delay publication of its findings, but Core Security set May 21 as its drop-deadline.
Core Security first reported the bugs in January. Apple fixed one of the bugs in a security release in March (2008-002), but thought that the others were not as critical as Core Security did. After Apple pushed back the release date for the remaining patches several times, a frustrated Core Security said they would release details of the bugs.
[Via Macworld]
Update (June 1, 2008): The Washington Post notes that Mac OS X 10.5.3 patches the vulnerability.
![TUAW [Cafepress]](http://www.blogsmithmedia.com/www.tuaw.com/media/tuaw-cafepress-promo.png)
Reader Comments (Page 1 of 1)
archipenkoblackmilk said 5:58PM on 5-22-2008
Very, very interesting. Its always intriguing to look at the other side of the apple/coin. Have enjoyed all your posts so far, thanks!
Reply
Eckofish said 6:23PM on 5-22-2008
I only hope that once Apple and OS X gather more market share that the less helpful individuals in the software business don't turn their attention our way.
Windows is so vulnerable because everyone is looking to exploint it.
The mac OS is yet to gain enough weigh to be of any interest to serious missfits. So hence having far fewer known exploits.
No one knows the colour of your underwear unless they look to see what you are wearing. Sorry for the long rant ;)
Reply
David said 6:56PM on 5-22-2008
[quote] "may allow un-authenticated attackers to execute arbitrary code on vulnerable systems with (and potentially without) the assistance from the end user of the application" [/quote]
It's the "and potentially without" that always pisses me off. Scaremongers try to equate the Window's self-replicating viri with socially spread malware (trojans, hacks, exploits whatever) on the Mac. Then they mysteriously claim that these things that must be spread by user interaction may magically turn into something that self replicates.
There are going to be stupid people using Macs or Windows that will type their password to install malware onto their computers. It's just a fact of life and is not news.
The news will be when a Mac OSX user visits a website and without any intervention on behalf of the user, a virus is installed, replicates and redistributes itself to other Macs.
Until then, yes you got us, there are stupid people who use Macs, and they will install anything. Just look at the number that whacked away on their iPhone without understanding what the code was doing in the background or who it was talking to.
Reply
viro said 8:17PM on 5-22-2008
dude there are already bugs like that out in the wild there has been bugs for safari(look up pwn2own) and any bug for flash that has ever been out. there's now bugs in the pdf render code for adobe reader which is probaly in the core osx code for pdf rendering so on and so on. don't kid your self. any java bug that has ever came out could have been used on osx lol you have no idea what your talking
Tony said 11:50AM on 5-23-2008
"dude there are already bugs like that out in the wild there has been bugs for safari(look up pwn2own)"
Ok, let's look at pwn2own:
"Not a single attendee entered the contest on day one, when all vulnerabilities had to reside in the machine's operating system, drivers or network stack."
The bug that was exploited was a Safari vulnerability that *required the user to go to a website, then GIVE IT PERMISSION to install something on his machine.* It was a social engineering exploit, not a self-installable piece of code.
Nice try.
キリちゃん said 10:22PM on 5-22-2008
there's now bugs in the pdf render code for adobe reader which is probaly in the core osx code for pdf rendering [...]
lol you have no idea what your talking
Hmmm. Adobe has never licensed any of their PDF code to Apple actually Apple wanted to pull this off with Adobe when OS came out, but Adobe didn't, so Apple were pissed off and wrote their own PDF implementation. That's why it took them so long to get some of the editing capabilities for PDFs in Preview.app. They had to reverse engineer it.
No none of that Adobe code and those bugs are in the core OS X code for PDF rendering and it is you who is talking out of his arse.
Have a nice day. Namaste.
Reply
viro said 2:36AM on 5-23-2008
did you not notice the word probably? that means most likely its quite safe to assume that adobe licensed apple the pdf code SINCE adobe made pdf jack ass. so please don't act like i was stating a fact when i wasn't lol i find it funny how you just know these bugs aren't in the osx code too ... or do you not know how reverse engineering works
Tony said 11:49AM on 5-23-2008
"The mac OS is yet to gain enough weigh to be of any interest to serious missfits. So hence having far fewer known exploits."
This oft-repeated argument doesn't hold up to further scrutiny. The fact is, there were MANY virises/malware in OS 9 and earlier, back when Mac had a very much smaller slice of an overall smaller pie. The number of OS X users is *much* larger than the number of OS 9/8/7 users, yet there was no shortage of actual, in the wild, viruses and malware for the earlier OS.
Reply
NotBob said 7:04PM on 5-24-2008
In regards to Pwn2Own...
The MacBookAir was compromised in less than 2 minutes. An email was sent to the Mac and the user clicked a link. That was it. As soon as the link was clicked an exploit in Safari allowed access to the machine.
It took about 18 hours to hack into Vista and that was using a bug in Adobe Flash.
One will note that a great deal of the issues regarding security issues with Windows back in the 90s had to do with users clicking on links in emails and which exlploited flaws in IE.
http://www.darknet.org.uk/2008/03/mac-owned-on-2nd-day-of-pwn2own-hack-contest/
Reply