    Thread Author   #1  
Old 08-10-2011, 04:22 PM

RIM Warns of BlackBerry Code Execution Security Flaws
By Ryan Naraine | August 10, 2011, 12:49pm PDT

Summary: Vulnerabilities exist in how the BlackBerry MDS Connection Service and the BlackBerry Messaging Agent process PNG and TIFF images for rendering on the BlackBerry smartphone.

Research in Motion (RIM) has issued an advisory to warn of the risk of remote code execution attacks on the BlackBerry Enterprise Server.

The company shipped a patch that covers a total of five documented vulnerabilities that could be exploited via PNG or TIFF images.

From the RIM advisory:
Vulnerabilities exist in how the BlackBerry MDS Connection Service and the BlackBerry Messaging Agent process PNG and TIFF images for rendering on the BlackBerry smartphone. Successful exploitation of any of these vulnerabilities might allow an attacker to gain access to and execute code on the BlackBerry Enterprise Server. Depending on the privileges available to the configured BlackBerry Enterprise Server service account, the attacker might also be able to extend access to other non-segmented parts of the network.

To exploit these vulnerabilities in how the BlackBerry MDS Connection Service processes PNG and TIFF images, an attacker would need to create a specially crafted web page and then persuade the BlackBerry smartphone user to click a link to that web page. The attacker could provide the link to the user in an email or instant message.

To exploit these vulnerabilities in how the BlackBerry Messaging Agent processes PNG and TIFF images, an attacker would need to embed specially crafted PNG and TIFF images in an email message and send the message to the BlackBerry smartphone user. The user does not need to click a link or an image, or view the email message, for the attack to succeed in this scenario.

Affected software includes:

• BlackBerry® Enterprise Server version 5.0.1 through 5.0.3 MR2 for Microsoft Exchange
• BlackBerry® Enterprise Server version 5.0.1 through 5.0.3 MR2 for IBM Lotus Domino
• BlackBerry® Enterprise Server version 4.1.7 and version 5.0.1 through 5.0.1 MR3 for Novell GroupWise
• BlackBerry® Enterprise Server Express version 5.0.1 through 5.0.3 for Microsoft Exchange
• BlackBerry® Enterprise Server Express version 5.0.2 and 5.0.3 for IBM Lotus Domino

RIM said the BlackBerry smartphones and the BlackBerry Device Software are not affected by these vulnerabilities.

RIM warns of BlackBerry code execution security flaws | ZDNet
  #2  
Old 08-10-2011, 04:36 PM

This is the type of attack I would fear most. There doesn't have to be an app installed like most of the other vulnerabilities discovered. Very little interaction would be needed with the user here.
__________________
~Matt
Storm 9550 w/.517 & Rooted Galaxy Nexus
@howarmat
    Thread Author   #3  
Old 08-10-2011, 04:43 PM

Quote:
Originally Posted by howarmat
This is the type of attack I would fear most. There doesn't have to be an app installed like most of the other vulnerabilities discovered. Very little interaction would be needed with the user here.

If I understand the problem... no interaction other than clicking the link is required from the user through email or text message... yes?

Last edited by Buzz_Dengue; 08-10-2011 at 04:46 PM.
  #4  
Old 08-10-2011, 04:58 PM

Quote:
Originally Posted by Buzz_Dengue
If I understand the problem... no interaction other than clicking the link is required from the user through email or text message... yes?

Clicking the link for one and just opening the email up for the other. Real easy to get people to do.
__________________
~Matt
Storm 9550 w/.517 & Rooted Galaxy Nexus
@howarmat
  #5  
Old 08-10-2011, 05:31 PM

That is a very bad exploit to have. With users feeling that they are secure, you'll find many users falling for this.
__________________
(AT&T)Nokia 5110(2001)-->(Cingular)Nokia 6102i (2007)-->(T-Mobile) Blackberry Pearl 8120 (2008)-->(T-Mobile) Blackberry Bold 9700(2010)-->(T-Mobile) T-Mobile G2 (2010)--> (Sprint) HTC Evo 4G White (2011)-->(T-Mobile) T-Mobile G2 (2011)--> (AT&T) HTC Inspire 4G (2011)
~K Bear~
  #6  
Old 08-10-2011, 05:43 PM

This is actually HYSTERICAL. All people can say on Crackberry is how security is all that matters, it's their first priority, it's the reason BlackBerry phones are superior and now look...
__________________
blackberry 6510 > blackberry world edition 8830 > blackberry curve 8330 > blackberry tour 9630 > blackberry bold 9650 > WHITE 16G IPHONE 4.
@melissary
  #7  
Old 08-10-2011, 05:52 PM

Yea. I saw five or six threads trashing Android. I TOLD them just because they use bb they ARE NOT IMMUNE!

Posted from my CrackBerry at wapforums.crackberry.com
  #8  
Old 08-10-2011, 06:03 PM

Quote:
Originally Posted by West Coast Flavor
Yea. I saw five or six threads trashing Android. I TOLD them just because they use bb they ARE NOT IMMUNE!

Posted from my CrackBerry at wapforums.crackberry.com

So true. I LOVED my BB for many years, but no phone or OS is perfect.
__________________
blackberry 6510 > blackberry world edition 8830 > blackberry curve 8330 > blackberry tour 9630 > blackberry bold 9650 > WHITE 16G IPHONE 4.
@melissary
  #9  
Old 08-10-2011, 06:08 PM

Quote:
Originally Posted by Buzz_Dengue
If I understand the problem... no interaction other than clicking the link is required from the user through email or text message... yes?

From the article... "The user does not need to click a link or an image, or view the email message, for the attack to succeed in this scenario."

But then too... from the article the vulnerability has been patched (from what I've read). So I'm guessing the BIS server probably received a zero day patch if it was affected.
__________________
It's TweetMail time Craig! - Geoffrey Peterson

Last edited by rmjones101; 08-10-2011 at 06:15 PM.
  #10  
Old 08-10-2011, 06:39 PM

Quote:
Originally Posted by melissaryyy
This is actually HYSTERICAL. All people can say on Crackberry is how security is all that matters, it's their first priority, it's the reason BlackBerry phones are superior and now look...

I have always pointed out the flaws of androids and ios but I don't think I have ever found those vulnerabilities "hysterical". It's almost as if people like you want crap like this to happen so you can say bb os is just as bad as the rest of them (even though this vulnerability has nothing to do with the smartphones themselves).
  #11  
Old 08-10-2011, 06:42 PM

Quote:
Originally Posted by mjs416
I have always pointed out the flaws of androids and ios but I don't think I have ever found those vulnerabilities "hysterical". It's almost as if people like you want crap like this to happen so you can say bb os is just as bad as the rest of them (even though this vulnerability has nothing to do with the smartphones themselves).

I don't think she was alluding to any vulnerability being hysterical, so much as she was exhibiting a bit of satisfaction in seeing what may be an example of blind faith being contested. (kinda like I do in theology debates)
__________________
It's TweetMail time Craig! - Geoffrey Peterson
  #12  
Old 08-10-2011, 07:00 PM

Quote:
Originally Posted by mjs416
I have always pointed out the flaws of androids and ios but I don't think I have ever found those vulnerabilities "hysterical". It's almost as if people like you want crap like this to happen so you can say bb os is just as bad as the rest of them (even though this vulnerability has nothing to do with the smartphones themselves).

Nope, what I want is for people to admit that no phone or OS is perfect. You can like whichever phone/OS you want, but there's no reason to get on forums and rant endlessly about how no other phone compares. They're different for a reason, because people all have different wants/needs. There's no reason to bash iPhone or Android, just like there's no reason for them to bash BB. People should act like adults and realize that each phone and OS have their advantages.
__________________
blackberry 6510 > blackberry world edition 8830 > blackberry curve 8330 > blackberry tour 9630 > blackberry bold 9650 > WHITE 16G IPHONE 4.
@melissary
  #13  
Old 08-10-2011, 07:05 PM

Quote:
Originally Posted by West Coast Flavor
Yea. I saw five or six threads trashing Android. I TOLD them just because they use bb they ARE NOT IMMUNE!

Posted from my CrackBerry at wapforums.crackberry.com

I've never heard someone say that BlackBerries were immune to attacks. I've heard that they are more secure than other phones but immune. No device can stop every attack.

We should let RIM get the word out to the users and don't open e-mails that say that "you have been chosen randomly to enter a contest for a carriage ride".

Why does it always have to be "see I told you that your BlackBerry isn't secure" when this thing happens. Can't we all just get along?
  #14  
Old 08-10-2011, 07:49 PM

If anyone took the time to look at the original RIM documentation... It is obvious that this is an attack which hits the BES server, not the mobile device. As such the majority of users here (BIS service) are NOT at risk.

http://btsc.webapps.blackberry.com/b...rnalId=KB27244
  #15  
Old 08-10-2011, 08:07 PM

Interesting. There is a vulnerability on the BES *server* for which RIM has sent a patch and people are joyfully dancing in the streets because such a vulnerability exists.
This is the same thing that happens to Android and iPhone *phones* all the time and for which, when such a thing happens, everyone immediately points out how a patch was sent.
So the next time there is an iPhone or Android vulnerability I will call the incident hilarious and dance in the street as well.
And oh by the way.....perhaps the reason this incident is giving such joy to the detractors is because it's so rare..as opposed to the nearly monthly news that some Android or iPhone security flaw was detected.
Come on....the joy is rather unflattering.
__________________
Do not meddle in the affairs of dragons, for thou art crunchy, and good with ketchup