Vulnerabilities > CVE-2004-1021 - Unspecified vulnerability in Apple iCal 1.5.3

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
apple
nessus

Summary

iCal before 1.5.4 on Mac OS X 10.2.3, and other later versions, does not alert the user when handling calendars that use alarms, which allows attackers to execute programs and send e-mail via alarms.

Vulnerable Configurations

Part Description Count
Application
Apple
1

Nessus

NASL family: MacOS X Local Security Checks
NASL id: MACOSX_ICAL154.NASL
description: The remote host is running a version of iCal which is older than version 1.5.4. Such versions have an arbitrary command execution vulnerability. A remote attacker could exploit this by tricking a user into opening or importing a new iCal calendar.
last seen: 2020-03-18
modified: 2004-11-22
plugin id: 15786
published: 2004-11-22
reporter: This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/15786
title: iCal < 1.5.4
code
#TRUSTED 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
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

# Metadata pass: when the engine runs the script with `description` set, this
# block only registers the plugin's identifiers, text, scoring and
# prerequisites, then exits without touching the target.
if (description)
{
 script_id(15786);
 script_version("1.16");
 script_set_attribute(attribute:"plugin_modification_date", value:"2018/07/14");

 # Cross-references to the advisory identifiers for this issue.
 script_cve_id("CVE-2004-1021");
 script_bugtraq_id(11728);
 script_xref(name:"Secunia", value:"13277");

 script_name(english:"iCal < 1.5.4");
 script_summary(english:"Check for iCal 1.5.4");

 script_set_attribute( attribute:"synopsis", value:
"The remote host is missing a Mac OS X update that fixes a security
issue.");
 script_set_attribute( attribute:"description",  value:
"The remote host is running a version of iCal which is older than
version 1.5.4.  Such versions have an arbitrary command execution
vulnerability.  A remote attacker could exploit this by tricking a user
into opening or importing a new iCal calendar.");
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?bd087f47");
 script_set_attribute(attribute:"solution", value:"Upgrade to iCal 1.5.4 or later.");
 # NOTE(review): this base vector uses AC:M, which fits the description above
 # (the user has to open or import a calendar). The CVE record this plugin is
 # listed under shows attack complexity LOW with a 7.5 score, so the two
 # severities will not agree - confirm which one triage should rely on.
 script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
 script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"false");

 # NOTE(review): the vulnerability publication date is one day later than the
 # patch and plugin publication dates - verify against the vendor advisory.
 script_set_attribute(attribute:"vuln_publication_date", value:"2004/11/23");
 script_set_attribute(attribute:"patch_publication_date", value:"2004/11/22");
 script_set_attribute(attribute:"plugin_publication_date", value:"2004/11/22");

 # "local" plugin type: the check reads the installed version on the host
 # itself (see the command execution below) rather than probing a service.
 script_set_attribute(attribute:"plugin_type", value:"local");
 script_end_attributes();

 script_category(ACT_GATHER_INFO);
 script_family(english:"MacOS X Local Security Checks");

 script_copyright(english:"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.");

 # Prerequisites: the check only runs after ssh_get_info.nasl and only when
 # the Mac OS X package list key is present in the knowledge base.
 script_dependencies("ssh_get_info.nasl");
 script_require_keys("Host/MacOSX/packages");
 # End of the metadata pass; nothing below runs in description mode.
 exit(0);
}


include("misc_func.inc");
include("ssh_func.inc");
include("macosx_func.inc");

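# Pick the SSH command wrappers according to what the SSH library reports it
# supports; hosts without command support take the legacy path.
if (sshlib::get_support_level() >= sshlib::SSH_LIB_SUPPORTS_COMMANDS)
  enable_ssh_wrappers();
else
  disable_ssh_wrappers();

# Without a Mac OS X package list in the KB there is nothing to check
# (presumably populated by the ssh_get_info.nasl dependency - confirm).
packages = get_kb_item("Host/MacOSX/packages");
if (!packages) exit(0);

# The command is built from fixed arguments only (bundle name and install
# path); no target-supplied text is interpolated into the shell command here.
cmd = GetBundleVersionCmd(file:"iCal.app", path:"/Applications");
uname = get_kb_item("Host/uname");
if (egrep(pattern:"Darwin.*", string:uname))
{
  # Read the installed iCal version: directly when scanning the local host,
  # otherwise over the authenticated SSH session.
  if (islocalhost())
    buf = pread(cmd:"/bin/bash", argv:make_list("bash", "-c", cmd));
  else
  {
    ret = ssh_open_connection();
    if (!ret) exit(0);
    buf = ssh_cmd(cmd:cmd);
    ssh_close_connection();
  }

  # Flag every release below 1.5.4. The previous pattern required a third
  # version component ("1.4." / "1.5.3"), so a host reporting a two-component
  # version such as "1.0" or "1.5" was silently treated as not vulnerable.
  # Accepted: 1.0-1.4 with any suffix, bare 1.5, and 1.5.0-1.5.3 (including
  # longer forms such as 1.5.3.1). Rejected: 1.5.4 and later, 1.5.10, 1.10.
  if (buf && ereg(pattern:"^(1\.[0-4]([^0-9]|$)|1\.5(\.[0-3]([^0-9]|$)|[^0-9.]|$))", string:buf))
    security_warning(0);
}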