• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Home
  • Archives

RIMarkable

The Unofficial BlackBerry Weblog

  • Hardware
  • Reviews
  • Rumor Mill
You are here: Home / BlackBerry / 2 BlackBerry Enterprise Server Security Vulnerabilities Found

2 BlackBerry Enterprise Server Security Vulnerabilities Found

December 31, 2005 by Robb Dunewood 1 Comment

Security Tracker has found two denial of service type vulnerabilities with BlackBerry Enterprise Server. The first is a problem where the BlackBerry Attatchment Service can be crashed y remote users with malformed TIFF files.

A remote user can create a specially crafted Tagged Image File Format (TIFF) file that, when viewed by the target user on a Blackberry device, will trigger a heap overflow on the Blackberry Attachment Service and cuase the service to crash. The Attachment Service will restart immediately or after a period of time.

The second vulnerability is problem where the BlackBerry Enterprise Server Router Component lets remote users deny service.

A remote user with the ability to connect to the target BlackBerry Router component can send specially crafted Server Routing Protocol (SRP) packets to disrupt communications between the BlackBerry Enterprise Server and the router. This will prevent communications from BlackBerry devices to the enterprise server.
Research in Motion is working on fixes for both security vulnerabilities and will post them to their site when available.

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)

Related

Filed Under: BlackBerry

Reader Interactions

Comments

  1. Robb Dunewood says

    January 4, 2006 at 12:40 am

    RIM has posted a workaround for one of the corrupt Tiff file vunerability on the blackberry.com website. Simply exclude TIFF files from being processed by the Attachment Service.

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

Like What you See?

If you're serious about your business, the Aspire theme is the way to go.

Recent Posts

  • The Priv…..You Better Market It!!
  • BB10… A Slow Death?
  • The Day BlackBerry Forced Me To Leave BlackBerry
  • BlackBerry Hank Says Goodbye
  • Get A 10% Discount Code On A New BlackBerry Silver Passport

Copyright © 2021 · News Pro on Genesis Framework · WordPress · Log in