BlackBerry Enterprise PDF Processing Vulnerability

Posted on July 17th, 2008 by Ryan Spanier

GSA Reference Number: AD080717-01

Simply Put: BlackBerry Enterprise Server has a new vulnerability in its attachment processing engine. If an attacker attaches a maliciously formatted PDF file to an email and sends it to a BlackBerry user, the server that processes the attachment could be compromised. The BlackBerry user would have to view the email attachment on their phone to trigger the attack. This is a vulnerability in the BlackBerry server, not in BlackBerry phones. If the attack succeeds, arbitrary code could be run on the Enterprise Server.

Attack Details: BlackBerry requires a server to convert standard attachments into formats that are readable by its phones. There is a bug in the way the server handles PDF attachments during this conversion. The vulnerability is reported in versions 4.1.3 through 4.1.5 of Enterprise Server. Currently 4.1.5 is the latest version available. Since the BlackBerry Enterprise Server resides on the organization's internal network, this vulnerability is deemed critical.

Countermeasures: There is no patch available at this time. However, there is a workaround provided by BlackBerry. The workaround disables the processing of PDF attachments, which prevents PDF files from being read on BlackBerry devices. Gladiator recommends implementing this workaround until a patch has been released. The workaround is explained in detail on the BlackBerry Vulnerability Announcement page linked below.

Update [7-21-2007]: A software update to address this vulnerability has been released.  A link to the update and installation instructions can be found in the BlackBerry Vulnerability Announcement below.

Reference Links:


