| VID |
28136 |
| Severity |
30 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The BlackBerry Enterprise Server, according to its version number, has a denial of service vulnerability via the SRP packets. The BlackBerry Router is a component of the BlackBerry Enterprise Server (BES). The BlackBerry Router manages connections and routes data between BES servers, BlackBerry Infrastructure, BlackBerry Handhelds, and other BlackBerry client devices. The RIM BlackBerry Router component of BlackBerry Enterprise Server versions 4.0 through to 4.0 Service Pack 3 Hotfix 4 is vulnerable to a denial of service attack, caused by a vulnerability in the way the router handles Server Routing Protocol (SRP) packets. By sending specially-crafted SRP packets to the BlackBerry Router on port 3101, a remote attacker could cause a denial of service the affected router.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167898
http://www.kb.cert.org/vuls/id/392920
http://www.securitytracker.com/alerts/2005/Dec/1015427.html
* Platforms Affected:
BlackBerry Enterprise Server (BES) versions 4.0 through to 4.0 Service Pack 3 Hotfix 4
Microsoft Windows Any version |
| Recommendation |
Install the appropriate service pack / hotfix or follow the workarounds, as listed in the BlackBerry Support Knowledge Base Article KB-04758 at http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167898 |
| Related URL |
CVE-2005-2342 (CVE) |
| Related URL |
16100 (SecurityFocus) |
| Related URL |
23939 (ISS) |
|
