Security Watch

Patches Still MIA for BlackBerry Flaw

PDA users still at risk for exploit code or denial of service, despite official acknowledgement of the vulnerabilities.

Hacking
Intellishield ID 10226: Research In Motion BlackBerry Enterprise Server Buffer Overflow and Denial -- The vulnerabilities could allow an attacker to execute arbitrary code on or cause a denial of service to the BlackBerry Attachment Service. An attacker could also cause a denial of service to the BlackBerry Router or the Web browser on BlackBerry Handheld devices. To exploit these vulnerabilities, an attacker would need to supply a crafted file that is viewed or downloaded by a BlackBerry Handheld; or the attacker would need to redirect a network connection directed to the BlackBerry Infrastructure.

A presentation at the Chaos Communication Congress described vulnerabilities in the BlackBerry device, the BES server and the BlackBerry router. The author stated that details were withheld until RIM got patches out; however, at this time, patches are still unavailable -- despite RIM having Support Knowledge Base articles on the issues.

The Attachment Service vulnerability pertains to how TIFF image format files are processed. If exploited, the attacker could cause code to be run on the BlackBerry Enterprise Server, despite the fact that the image would be accessed from the BlackBerry client device.

The BlackBerry Router vulnerability pertains to how it handles malicious SRP packets sent to TCP port 3101 on the BlackBerry Enterprise Server, resulting in a denial of service of that server.

According to online security reporter Roger Grimes, IT security got better in 2005, but malware and buggy code threaten 2006.

In general, Cybertrust agrees that IT security got better. No global attacks, Windows XP SP2 adoption is up, more personal firewalls and local routers with firewalls, PCI, EMV, the California disclosure law, government use of strong authentication and a new focus on the state of application security all added to the "upside."

On the "downside" you have numerous reports of data leaks, millions of compromised credit card and other personal information records, increased transaction fraud, bots, attacks on targets of choice, and the amazing increase in the exploitation of instant messaging.

Of course, we can't forget music companies selling products with rootkits available for malware authors to abuse...

Looking forward, it is reasonable to believe that we may just be in the eye of the storm. For years we sat on the edge of our seats waiting for the next global outbreak of something that would bring down our entire network. Today we can look forward to stealthier attacks specifically intended not to catch our attention yet turn our resources over to the criminals. Increased legislation may make us more liable for the abuse of our systems (or our lack of preventing the abuse) while AOL and other major ISPs do their very best to convince consumers the whole "security question" has been solved with the click of a single button.

I would argue we are on the cusp of a new generation of attacks, attacks which we're not currently looking for, that have been happening -- and will continue to happen -- at alarming rates...yet never trigger a global alarm. One good example is spam; another is applications that claim to be antispyware but are, in fact, spyware themselves.

Privacy
Tom Owad, using some old equipment and not that much time, managed to dig up the Amazon Wish Lists for more than 260,000 U.S. citizens. Amazon Wish Lists are available to everyone and anyone, on the premise that you would want your friends to look at your Wish List to help them decide what to buy you for your birthday. Owad simply automated the process of looking for valid people and then requesting their Wish List...all perfectly legitimate. Now he's the holder of some 5GB worth of reading habits and interests.

Amazon sounds like a new version of DejaNews!

About the Author

Russ Cooper is a senior information security analyst with Verizon Business, Inc. He's also founder and editor of NTBugtraq, www.ntbugtraq.com, one of the industry's most influential mailing lists dedicated to Microsoft security. One of the world's most-recognized security experts, he's often quoted by major media outlets on security issues.
