TITLE:
BlackBerry Enterprise Server Denial of Service Vulnerabilities

SECUNIA ADVISORY ID:
SA18277

VERIFY ADVISORY:
http://secunia.com/advisories/18277/

CRITICAL:
Moderately critical

IMPACT:
DoS

WHERE:
From remote

SOFTWARE:
BlackBerry Enterprise Server for Exchange 4.x
http://secunia.com/product/4530/
BlackBerry Enterprise Server for Domino 4.x
http://secunia.com/product/4531/
BlackBerry Enterprise Server for Novell GroupWise 4.x
http://secunia.com/product/6715/

DESCRIPTION:
FX has reported some vulnerabilities in BlackBerry Enterprise Server,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

1) An error exists in the Attachment Service when handling malformed
TIFF image attachments. This can be exploited to prevent a BlackBerry
user from viewing attachments.

2) An error exists in the handling of Server Routing Protocol (SRP)
packets. This can be exploited to disrupt the communication between
BlackBerry Enterprise Server and BlackBerry Router, potentially causing
a DoS.

Successful exploitation requires that the attacker is able to connect
to the BlackBerry Server/Router via port 3101/tcp.

The vulnerabilities have been reported in BlackBerry Enterprise Server
version 4.0 and later.

SOLUTION:
The vendor recommends the following workaround.

1) Exclude TIFF images from being processed by the Attachment Service
and/or disable the image attachment distiller.

2) The BlackBerry Enterprise Server and the BlackBerry Router should be
placed behind the firewall in a trusted network segment.

Refer to the vendor's original advisory for specific instructions.

PROVIDED AND/OR DISCOVERED BY:
FX, Phenoelit.
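Workaround 1 relies on keeping TIFF attachments away from the Attachment Service. As an added example (not code from Secunia or the vendor), the following Python check shows how a mail-gateway filter hook could identify TIFF attachments by their header rather than by file extension, so a renamed file is still excluded, and additionally flag files whose first IFD is inconsistent. `classify_tiff`, `should_exclude`, `build_tiff` and the sample inputs are hypothetical names and constructed data, and the validation covers only the header and first IFD, not the full image.

```python
import struct

# Byte-order marker plus the magic number 42, for both TIFF byte orders.
TIFF_MAGIC = {b"II*\x00": "<", b"MM\x00*": ">"}


def classify_tiff(data: bytes) -> str:
    """Return 'not-tiff', 'tiff' or 'malformed-tiff' for an attachment body.

    Identification is by the 4-byte TIFF header, not the file extension.
    Only the header and the first IFD are checked; anything inconsistent
    with the TIFF 6.0 layout is reported as malformed.
    """
    if len(data) < 8 or data[:4] not in TIFF_MAGIC:
        return "not-tiff"
    endian = TIFF_MAGIC[data[:4]]
    (ifd_offset,) = struct.unpack(endian + "I", data[4:8])
    # The first IFD must be word-aligned and inside the file, with room
    # for its 2-byte entry count.
    if ifd_offset < 8 or ifd_offset % 2 or ifd_offset + 2 > len(data):
        return "malformed-tiff"
    (count,) = struct.unpack(endian + "H", data[ifd_offset:ifd_offset + 2])
    entries_end = ifd_offset + 2 + 12 * count  # 12 bytes per entry
    # Zero entries is invalid, and the 4-byte next-IFD offset must fit.
    if count == 0 or entries_end + 4 > len(data):
        return "malformed-tiff"
    last_tag = -1
    for i in range(count):
        off = ifd_offset + 2 + 12 * i
        tag, typ, _n = struct.unpack(endian + "HHI", data[off:off + 8])
        # TIFF 6.0 requires ascending tag order and field types 1..12.
        if tag <= last_tag or not 1 <= typ <= 12:
            return "malformed-tiff"
        last_tag = tag
    return "tiff"


def should_exclude(data: bytes) -> bool:
    """Workaround policy: keep every TIFF, valid or not, from the distiller."""
    return classify_tiff(data) != "not-tiff"


def build_tiff(entries, little_endian=True) -> bytes:
    """Build a tiny single-IFD TIFF (constructed test input, not a real image)."""
    e = "<" if little_endian else ">"
    out = (b"II*\x00" if little_endian else b"MM\x00*") + struct.pack(e + "I", 8)
    out += struct.pack(e + "H", len(entries))
    for tag, typ, n, val in entries:
        out += struct.pack(e + "HHII", tag, typ, n, val)
    return out + struct.pack(e + "I", 0)  # no further IFD


GOOD = build_tiff([(256, 3, 1, 1), (257, 3, 1, 1)])  # ImageWidth, ImageLength
TRUNCATED = GOOD[:12]  # IFD claims two entries but the data ends early
OUT_OF_ORDER = build_tiff([(257, 3, 1, 1), (256, 3, 1, 1)])
```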
ORIGINAL ADVISORY:
http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167898
http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167895

OTHER REFERENCES:
US-CERT VU#570768:
http://www.kb.cert.org/vuls/id/570768

US-CERT VU#392920:
http://www.kb.cert.org/vuls/id/392920

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------