iPwn! Hack an iPhone with an SMS message
Charlie Miller, now an engineer at Twitter, has long been known as one of the top researchers of Apple products. In August 2009 at the Black Hat security conference, Miller outdid himself with an iPhone hack that must have rattled some chains at Apple.
Miller, along with Collin Mulliner, demonstrated how they could send an SMS text message to an iPhone and compromise the phone automatically when the message was received.
The vulnerability led to no real-world attacks because Miller reported it responsibly to Apple, which had an update out in time for Black Hat. Had the wrong people discovered it earlier, the consequences would have been severe.
To this day, the iPhone SMS hole remains one of the most eye-opening security vulnerabilities ever.
Image: Charlie Miller
Adobe Acrobat & Reader. Now we fear PDFs.
Adobe's PDF document format, long ago released as an open standard, has become one of those formats that you can assume everyone can read. Lots of software reads PDF files, but most people still use the Adobe Reader program to do it. In the mid-to-late 2000s, numerous vulnerabilities led to numerous exploits using numerous malicious PDFs to turn numerous Windows users into bots.
As with the Flash vulnerabilities of years gone by, none of the Acrobat/Reader vulnerabilities really stood out over the others. It was the steady parade of them and the consequent need for frequent updates that stands out.
As with Flash vulnerabilities, Adobe has steadily hardened Reader and Acrobat so that vulnerabilities are fewer and less severe.
Image: Security @ Adobe blog
The other OpenSSL problem
Ten to fifteen years ago, before there was enough awareness to create Heartbleed-level hysteria, some really horrible vulnerabilities in really important software would go relatively unnoticed.
CVE-2002-0656 is one of a few remote code execution vulnerabilities from that era in Apache web servers and OpenSSL — yes, the same OpenSSL implicated in Heartbleed. It was found by well-known researcher Alexander Sotirov, who demonstrated how to use it to gain a shell, meaning code execution capability, on Apache/OpenSSL web servers and a root shell on some servers.