Slashdot Mirror


BlackBerry Server Can Be Hacked With Image File

Trailrunner7 writes "There are remotely and easily exploitable vulnerabilities in the BlackBerry Enterprise Server that could allow an attacker to gain access to the server by simply sending a malicious image file to a user's BlackBerry device. The vulnerabilities are in several versions of BES for Exchange, Lotus Domino and Novell GroupWise, and Research in Motion said that an attacker who is able to exploit one of the bugs might also be able to move from the compromised BES server to other parts of the network."

51 comments

  1. It's A Trade Off by WrongSizeGlass · · Score: 5, Funny

    Sure my client's BES could be hacked with an image file, but the image is of a really hot chick, so it's a fair trade.

    1. Re:It's A Trade Off by Anonymous Coward · · Score: 1

      You made me click on the TFA with your comment!

      I am sad. There is no hot chick in TFA... :(

    2. Re:It's A Trade Off by girlintraining · · Score: 2

      Sure my client's BES could be hacked with an image file, but the image is of a really hot chick, so it's a fair trade.

      That's pretty sexist. Only about half the population would appreciate that.

      --
      #fuckbeta #iamslashdot #dicemustdie
    3. Re:It's A Trade Off by Anonymous Coward · · Score: 0

      about half? aren't you forgetting about the lesbians and bisexuals? So the OP might be sexist, but you appear to be homophobic!

      don't cast stones from glass houses.
      la la lala la

    4. Re:It's A Trade Off by Anubis350 · · Score: 1

      To be fair, *if* the GP were assuming that approx. 50% of the pop is male, 50% female, and that there are approximately similar numbers of gays and lesbians (no idea if that's in any way true or not), the comment would make perfect sense without being homophobic...

      --
      "goodbye and hello, as always" ~Prince Corwin, from Zelazny's Amber series
    5. Re:It's A Trade Off by jmac_the_man · · Score: 2

      To be even more fair, the question was about "is into chicks." If gays and lesbians occur with the same frequency in the population of men and women, respectively, they would cancel each other out. But if bisexuals ALSO occur with the same frequency regardless of gender, they don't cancel each other out, but instead that number counts twice.

    6. Re:It's A Trade Off by Anubis350 · · Score: 2

      unless there's enough asexuals to cancel them out :-p

      --
      "goodbye and hello, as always" ~Prince Corwin, from Zelazny's Amber series
    7. Re:It's A Trade Off by Anonymous Coward · · Score: 0

      And everyone is forgetting about the pedophiles. They need to be counted too!

    8. Re:It's A Trade Off by Anonymous Coward · · Score: 0

      I'm a male and I don't think that's a fair trade for a compromised client's BlackBerry server...but if it were a DOS attack sending many images...

    9. Re:It's A Trade Off by Scott+Scott · · Score: 1

      Actually, anyone who's read girlintraining's user page would know she's anything but homophobic.

      (Did someone say something about glass houses?)

    10. Re:It's A Trade Off by Anonymous Coward · · Score: 0

      Only about half the population would appreciate that.

      A fair bit more than half the population because bisexual people get two votes. Sex is not a democracy.

    11. Re:It's A Trade Off by drinkypoo · · Score: 1

      That's a lot of crap, there are tons of (straight) women who look at the pictures in Playboy because they can appreciate a pretty woman, but virtually no (straight) men who will even open a copy of Playgirl.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  2. It's all about the image by SilverHatHacker · · Score: 4, Funny

    1. Send goatse image to BB.
    2. BB holder frozen in shock.
    3. Walk up to frozen holder, appropriate keys/saved passwords/etc.
    4. ???
    5. Profit!

    --
    Funny may not give karma, but +5 Informative never made anyone snort coffee out their nose.
    1. Re:It's all about the image by Kell+Bengal · · Score: 1

      Obvious goatse troll is obvious.

      --
      Scientists point out problems, engineers fix them
      altslashdot.org: The future of slashdot.
    2. Re:It's all about the image by dev534 · · Score: 0, Insightful

      not obvious to 70 victims that clicked on that link....

    3. Re:It's all about the image by Pseudonym+Authority · · Score: 1

      I knew it was goatse and still clicked. What kind of effeminate pansy is still shocked by goatse after all these years. For fucks sakes this is the internet. At least link to Last Measure so that the jews.wma will annoy people. (And it's run by the GNAA, a fine organization with a deep and fulfilling history on slashdot.)

    4. Re:It's all about the image by Taty'sEyes · · Score: 1

      I'm a little disturbed by your opinion of SFW. What type of work do you do exactly?

      --
      We show geeks how to get their dream girl at EyesOfOdessa.com
    5. Re:It's all about the image by hairyfeet · · Score: 1

      PC repair maybe? I know my old boss would never warn me before giving me the PC of "latino guy" or "buttgirl" to fix. Thanks a lot Doug, asshole. Latino guy would always end up with porn bugs for gay sites, usually some Latino oiled up nasty shit, and buttgirl? /Shivers at the horror/ Old buttgirl had a BF that had to weigh a good 350 and was hairy as a damned wookie and she would take all these thong pics of his big old hairy ass and make them her wallpapers, the icons for folders, her screensavers...fuck that was rough. The shit we PC guys get to see sometimes, like the gal that had dildos that I swear needed their own fricking gun rack...eek!

      As for TFA...people still use Blackberry? I thought everyone had switched to iPhone and Android by now. If MSFT has any brains left at that outfit they'll make sure to have excellent AD and GPU support in their Nokia WinPhones and will drive the final nail in the coffin that is RIM. Frankly TFA doesn't surprise me as that company has just gone from one mistake after another lately and having a serious security hole just seems like the icing on the cake.

      Once upon a time everywhere I went it was crackberries, but now all I ever see is iPhones and the HTC Androids. If a security hole appears but nobody is there to exploit it, does it still count?

      --
      ACs don't waste your time replying, your posts are never seen by me.
    6. Re:It's all about the image by Anonymous Coward · · Score: 0

      And in the Tottenham riots in London the rioters used Blackberry's Message service because the police could not monitor it but thankfully they looted iPhones rather than gym equipment or golf clubs so the police will be able to monitor next time they, um, get upset about being poor and disenfranchised. Or something else worth rioting over.

    7. Re:It's all about the image by dev534 · · Score: 0

      I knew it was goatse and still clicked. What kind of effeminate pansy is still shocked by goatse after all these years. For fucks sakes this is the internet. At least link to Last Measure so that the jews.wma will annoy people. (And it's run by the GNAA, a fine organization with a deep and fulfilling history on slashdot.)

      Well, you have good points here.
      For start, sadly, Last measure is blacklisted in both Firefox and Chrome. Do you know a Last measure mirror that works and isn't?
      I am very aware of Last measure though.

      Then sure, Goatse is supposed not to shock anyone. Well unless your boss doesn't pass by... Dunny, but I get the angriest responses when I troll Goatse. Would love to use something stronger, and tried few times.
      The Mac user scored not bad, but still Goatse seems to be better.

      Here take a look at favorite responses (and mind that most responses are about Goatse):

      Funny:
      "What an ass. Warning: Unpleasant picture in the link. That's what I get for browsing at 1, I guess."
      "I'm just curious what gratification you get from this... do you jerk off to your hit counter?"
      "O neat, you quoted me! Now I have to ask, why do you do this? seriously whats the motivation?"
      "1999 called they want their overused shock pictures back."
      "Parent post is a goatsex picture. Do not follow. You're an asshole of the proportions in that picture."
      "Link above is to goatse. Fuck you douchebag."
      "Turn on TinyUrl previews. It saves lives."
      "Ugh. Goatse. NSFW. Asshole (poster and picture, both)."
      "Seriously ... new account to post that ... what a douche!"
      "You're a fucking douchbag." - "That is the most accurate comment yet"
      "Not gonna click it to find out, but I'd be surprised if parent's link wasn't goatse... It appears you would be correct sir. Why oh why do I always forget..."
      "My word, what is wrong with your anus? I'd get that checked out."
      "It's because of Assholes like you that I can no longer trust URL shorteners"
      "Thanks, I'm reading slashdot in class like a good student and just got tubgirl'd."
      "Watching second monitor, there was something wrong with the other screen. Control + w. Phew..."
      "Hey family! Come look! They're opening the Google Talk client! Now, click here......" (sees goatse)
      "I tried to post warnings about the goaste loving jerk yesterday but was modded into oblivion as a karma whore"
      "Posting your picture online again?", "Really? Are you not tired of this yet?"
      (Me posts goatse link and tells that it is SFW): "You mean NSFW asshole."
      "Can you not afford normal entertainment?" "This is grown up talk, 4chan is that way ->"
      "Oops. goatse link" - "The AC speaks truth! (Well I didn't let it finish loading, but the browser was connecting to goatse.ru...)"
      "He likes his urinal cakes nice and sudsy, so he tries to piss us off."
      "Link is Goatse" - "Thanks. Does nerd soccer attract nerd hooligans?"
      "You must be really bored, eh? Take your shit somewhere else. We don't serve your kind around here."

      Hate:
      "Motherfucker. Some of us are at work and don't want to have a drilled out anus pop up on their fucking screen. Christ."
      "BAN HIM!" "Ur a faggot for posting that."
      "Death to all assholes - Let's put you first into the guillotine"
      "You fucker" - "I had the same thought as you. What a fucking asshole. The link is nsfw."
      "I hate your guts.", "WTF you fucking asshole.", "Fucking troll, do not click there"
      "I hope you die in a fire before you are old enough to contaminate the gene pool."
      "It would be more interesting if I had a piece of pipe and your face, in close proximity so I could smash your face beyond recognition,"
      "Bravo teeny bopper. You're a really mature mother fucker (or do you prefer father fucking? Damn you homo erotic shittter)."
      "Wait! I think I hear your mommy calling to give your tongue a good soap washing. And maybe s

    8. Re:It's all about the image by Pseudonym+Authority · · Score: 1

      Well, one particularly nasty person posted some CP of a kid being raped a while back, during a discussion on Tor vulnerabilities (I think). /. is total garbage when it comes to search, so I can't point you to it until CmdrTaco gets off his ass to fix it. If you are really serious about the road you are taking, you could always try that. May be hard to avoid prison with though. Not to mention that it kinda crosses the lines from asshole to monster pretty quick. Might want to leave that to the /b/tards.

      Good luck in your adventures of false advertisements, whatever you decide!

  3. If it was iOS Server... by Anonymous Coward · · Score: 0

    ... you would have to use an image of an effeminate, scarf wearing Mac user to hack it

  4. But NIST certified it! by Anonymous Coward · · Score: 0

    So it must be secure. Really!

    1. Re:But NIST certified it! by belg4mit · · Score: 1

      No, they certified the (stupidly named) PlayBook tablet.

      --
      Were that I say, pancakes?
  5. Haven't you heard? by Anonymous Coward · · Score: 0

    Haven't you heard? Servers aren't trendy. Servers aren't hip. You can't take a server to your local Starbucks and doodle on it while you sip your latte macchiato. A server in a social setting like that would be un-cool.

    1. Re:Haven't you heard? by That+Guy+From+Mrktng · · Score: 1

      This is your hipster server Steaming Chrome Racks baby!

  6. SNOW CRASH!!! by Anonymous Coward · · Score: 0

    ...Snow crash.....

  7. A Malicious Image File eh? by Anubis350 · · Score: 1

    I always knew we needed an emoticon for "pwned!"

    --
    "goodbye and hello, as always" ~Prince Corwin, from Zelazny's Amber series
  8. Do they think I'm stupid? by MacGyver2210 · · Score: 4, Funny

    So you want me to click a link to an article about hacking via image files...?

    *opens lynx*

    --
    If the only way you can accept an assertion is by faith, then you are conceding that it can't be taken on its own merits
    1. Re:Do they think I'm stupid? by Anonymous Coward · · Score: 0

      Unless you're browsing the internet on your BES Server I think you'll be fine.

  9. This article is illegal! by xmorg · · Score: 2

    This article violates teh DMCA and has been sent to the DHS for immediate action against the terrorists who wrote it.
    All those involved will be hand molested by the TSA before being sent to Guantanamo bay.

  10. Sad. by m1ndcrash · · Score: 0

    BlackBerry's selling point is high-end security. Unfortunately, we learn again that anything can be broken and/or hacked. Moreover, the fact that the exploit doesn't require any user action and launches arbitrary code is simply scary, since most mobile malware needs to be downloaded and installed manually.

  11. Sad is how negative this was written! by Anonymous Coward · · Score: 1

    RIM announced the problem, WITH the solution; it wasn't announced by a 3rd party, so RIM remains dedicated to security.

    The problem is on servers, not on devices, maintaining device security. One would need intimate knowledge of the BES set up to actually extract information from the server.

    Their communication between device and server has yet to be hacked.

    1. Re:Sad is how negative this was written! by Alex+Zepeda · · Score: 1

      I think you forgot the quotes around "security". As long as they're decrypting stuff voluntarily for various governments, there's nothing secure about it.

      --
      The revolution will be mocked
    2. Re:Sad is how negative this was written! by Anonymous Coward · · Score: 0

      They can't decrypt BES data (which is what this article is about), as the BES keys are generated by the BES server administrator which are not known to RIM.

      How about you get your facts straight before you start spreading FUD?

  12. TNG by Kebis · · Score: 1

    Isn't this exploit pretty much what Captain Picard wanted to do to the Borg in the episode with Hugh?

  13. The servers control the devices. by apparently · · Score: 1

    While this may be true:

    Their communication between device and server has yet to be hacked

    This isn't:

    One would need intimate knowledge of the BES set up to actually extract information from the server.

    Their communication between device and server has yet to be hacked

    From the KB warning:

    "Vulnerabilities exist in how the BlackBerry MDS Connection Service and the BlackBerry Messaging Agent process PNG and TIFF images for rendering on the BlackBerry smartphone. Successful exploitation of any of these vulnerabilities might allow an attacker to gain access to and execute code on the BlackBerry Enterprise Server. Depending on the privileges available to the configured BlackBerry Enterprise Server service account."

    Access to the besadmin account gives an attacker all sorts of access to the server. That account has sendas permissions on all users' mailboxes, can make configuration changes to the BES configuration, including changing device settings, and pushing applications to the devices.

    It really wouldn't be all that hard to completely compromise an organization's Blackberry configuration -- server and device -- and there's a good chance that you'd be able to escalate privileges onto other servers within the network.

    1. Re:The servers control the devices. by kevinmenzel · · Score: 1

      But what is true is that the Slashdot editors or the submitter has decided that instead of even mentioning the patch, they would just focus on the exploit.

      Strange of course, as the source material for this post is titled "Severe Remote Flaw Fixed in BlackBerry Enterprise Server", and the source for THAT article does indeed include the patch itself.

    2. Re:The servers control the devices. by lennier · · Score: 1

      But what is true is that the Slashdot editors or the submitter has decided that instead of even mentioning the patch, they would just focus on the exploit.

      But of course the patch has automagically applied itself to every BES server in the world, instantly, leaving no window of vulnerability while sysadmins scramble to apply it.

      I mean, that's what patches do, right?

      --
      You are not a brain: http://books.google.com/books?id=2oV61CeDx-YC
  14. Another reason by Anonymous Coward · · Score: 0

    not to use a Riotberry

  15. This hasn't been a problem for a while by narcc · · Score: 1

    RIM shipped a patch for these vulnerabilities almost a week ago. The headline should read "Blackberry Server Can't Be Hacked With Image File"

    That's right, this was discovered and fixed long before it could become a problem. That's what I expect from RIM's best-in-class security.

    1. Re:This hasn't been a problem for a while by Anonymous Coward · · Score: 0

      Super duper double ungood! You are interpreting the facts wrong! SJ, Infinite Loop, RDF.

  16. Fix by Anonymous Coward · · Score: 0

    Hi @Trailrunner7,

    Alex from RIM here. I just wanted to jump in here to let you know that a fix was issued to this and you can find it here: http://bbry.lv/rkbQJk.

    Cheers,
    Alex, RIM Social Media Team