Flaws found in BlackBerry server
Waterloo, Ontario-based Research In Motion Ltd. (RIM) has acknowledged that attackers could exploit flaws in its BlackBerry Enterprise Server to cause a denial-of-service. But the vendor has developed a workaround. Danish vulnerability clearinghouse Secunia issued its own advisory describing two problems:
- An error in how malformed TIFF image attachments are handled can be exploited to prevent a BlackBerry user from viewing attachments.
- An error in how Server Routing Protocol (SRP) packets are handled can be exploited to disrupt the communication between the BlackBerry Enterprise Server and BlackBerry Router service, potentially causing a denial of service.
Secunia noted that successful exploitation requires that the attacker is able to connect to the BlackBerry Server/Router via TCP port 3101.
As a workaround, RIM recommends ensuring TIFF images aren't processed by the attachment service and/or disabling the image attachment distiller. The vendor added that the BlackBerry Enterprise Server and the BlackBerry Router should be placed behind the firewall in a trusted network segment.
SS numbers of H&R Block customers reportedly exposed
H&R Block Inc. has sent a letter to customers warning that those who received free copies of its TaxCut software may have had their Social Security numbers exposed. H&R Block learned of the slip-up in late December, after a customer informed the company that a unique ID that appeared on the package, above the mailing label, contained his or her Social Security number, according to a report from eWeek. The Social Security number was used as part of a unique, 47-digit tracking number. Denise Sposato, a spokesperson for H&R Block, told eWeek that the number would be impossible to spot and that no customer data has been lost or stolen as a result of the mistake. The Kansas City, Mo.-based company believes that less than 3% of those who were mailed a copy of TaxCut had their Social Security numbers used.
Multiple flaws found in Linux kernel
Attackers could exploit multiple security holes in the Linux kernel to cause a denial of service or gain elevated user privileges. The French Security Incident Response Team (FrSIRT) outlined four problems in an advisory:
- Local attackers could exploit an error in how policy system calls are handled to cause a denial of service.
- A one-byte buffer overrun error in "kernel/sysctl.c" that appears when overly long user-supplied strings are processed could be exploited by local attackers to execute arbitrary commands.
- An error in "net/ipv4/fib_frontend.c" that appears when malformed "fib_lookup" netlink messages are processed could cause illegal memory references.
- A buffer overflow error in the CA-driver for TwinHan DST Frontend/Card [drivers/media/dvb/bt8xx/dst_ca.c] could be exploited by malicious users to cause a denial of service or potentially execute arbitrary commands.
Linux Kernel version 2.6.x, first released last year, is affected. FrSIRT recommends users upgrade to Linux Kernel 2.6.15.