Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Blackberry Server Vulnerability SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Blackberry Server Vulnerability

For all of you running around with a Blackberry, be careful of opening .pdf files.  A vulnerability announced on Tuesday allows for specially crafted .pdf files when opened on your blackberry to potentially  "cause memory corruption and possibly lead to arbitrary code execution on the computer that hosts the BlackBerry Attachment Service."  If you have not done so, please make sure your servers are patched. The versions afftected are:

  • BlackBerry® Enterprise Server software version 4.1 Service Pack 3 (4.1.3) through 5.0
  • BlackBerry® Professional Software 4.1 Service Pack 4 (4.1.4)

If anyone has gotten or gets a malicious .pdf, please send us a copy.

Lorna

165 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!