Flaws found in BlackBerry server Waterloo, Ontario-based Research In Motion Ltd. (RIM) has acknowledged that attackers...
could exploit flaws in its BlackBerry Enterprise Server to cause a denial-of-service. But the vendor has developed a workaround. Danish vulnerability clearinghouse Secunia issued its own advisory describing two problems:
- An error in how malformed TIFF image attachments are handled can be exploited to prevent a BlackBerry user from viewing attachments.
- An error in how Server Routing Protocol (SRP) packets are handled can be exploited to disrupt the communication between the BlackBerry Enterprise Server and BlackBerry Router service, potentially causing a denial of service.
Secunia noted that successful exploitation requires that the attacker is able to connect to the BlackBerry Server/Router via TCP port 3101.
As a workaround, RIM recommends ensuring TIFF images aren't processed by the attachment service and/or disabling the image attachment distiller. The vendor added that the BlackBerry Enterprise Server and the BlackBerry Router should be placed behind the firewall in a trusted network segment.
SS numbers of H&R Block customers reportedly exposed
H&R Block Inc. has sent a letter to customers warning that those who received free copies of its TaxCut software may have had their Social Security numbers exposed. H&R Block learned of the slip-up in late December, after a customer informed the company that a unique ID that appeared on the package, above the mailing label, contained his or her Social Security number, according to a report from eWeek. The Social Security number was used as part of a unique, 47-digit tracking number. Denise Sposato, a spokesperson for H&R Block, told eWeek that the number would be impossible to spot and that no customer data has been lost or stolen as a result of the mistake. The Kansas City, Mo.-based company believes that less than 3% of those who were mailed a copy of TaxCut had their Social Security numbers used.
Multiple flaws found in Linux kernel
Attackers could exploit multiple security holes in the Linux kernel to cause a denial of service or gain elevated user privileges. The French Security Incident Response Team (FrSIRT) outlined four problems in an advisory:
- Local attackers could exploit an error in how policy system calls are handled to cause a denial of service.
- A one-byte buffer overrun error in "kernel/sysctl.c" that appears when overly long user-supplied strings are processed could be exploited by local attackers to execute arbitrary commands.
- An error in "net/ipv4/fib_frontend.c" that appears when malformed "fib_lookup" netlink messages are processed could cause illegal memory references.
- A buffer overflow error in the CA-driver for TwinHan DST Frontend/Card [drivers/media/dvb/bt8xx/dst_ca.c] could be exploited by malicious users to cause a denial of service or potentially execute arbitrary commands.
Linux Kernel version 2.6.x, first released last year, is affected. FrSIRT recommends users upgrade to Linux Kernel 2.6.15.
Dig Deeper on Information Security Laws, Investigations and Ethics