Details of VAR-200512-0645

ID

VAR-200512-0645

CVE

CVE-2005-2342

TITLE

Blackberry Enterprise Server Router SRP Packet Denial Of Service Vulnerability

Trust: 0.9

sources: BID: 16100 // CNNVD: CNNVD-200512-654

DESCRIPTION

Research in Motion (RIM) BlackBerry Router allows remote attackers to cause a denial of service (communication disruption) via crafted Server Routing Protocol (SRP) packets. The Blackberry Enterprise Server Router component is prone to a denial of service vulnerability. This could only be exploited by an attacker who can communicate with the Router. 1) An error exists in the Attachment Service when handling malformed TIFF image attachments. This can be exploited to prevent a BlackBerry user from viewing attachments. Successful exploitation requires that the attacker is able to connect to the BlackBerry Server/Router via port 3101/tcp. SOLUTION: The vendor recommends the following workaround. 1) Exclude TIFF images from being processed by the Attachment Service and/or disable the image attachment distiller. Refer to the vendor's original advisory for specific instructions. PROVIDED AND/OR DISCOVERED BY: FX, Phenoelit. ORIGINAL ADVISORY: http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167898 http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167895 OTHER REFERENCES: US-CERT VU#570768: http://www.kb.cert.org/vuls/id/570768 US-CERT VU#392920: http://www.kb.cert.org/vuls/id/392920 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.79

sources: NVD: CVE-2005-2342 // CERT/CC: VU#392920 // CERT/CC: VU#570768 // BID: 16100 // VULHUB: VHN-13551 // PACKETSTORM: 42737

AFFECTED PRODUCTS

vendor:	research in motion rim	model:	-	scope:	-	version:	-	Trust: 1.6
vendor:	rim	model:	blackberry enterprise server	scope:	eq	version:	4.0_sp1	Trust: 1.6
vendor:	rim	model:	blackberry enterprise server	scope:	eq	version:	4.0	Trust: 1.6
vendor:	rim	model:	blackberry router	scope:	lte	version:	4.0	Trust: 1.0
vendor:	rim	model:	blackberry router	scope:	eq	version:	4.0	Trust: 0.6
vendor:	rim	model:	blackberry enterprise server for exchange sp1	scope:	eq	version:	4.0	Trust: 0.3
vendor:	rim	model:	blackberry enterprise server for domino	scope:	eq	version:	4.0	Trust: 0.3

sources: CERT/CC: VU#392920 // CERT/CC: VU#570768 // BID: 16100 // CNNVD: CNNVD-200512-654 // NVD: CVE-2005-2342

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-2342
value:	HIGH
Trust: 1.0
CARNEGIE MELLON:	VU#392920
value:	5.41
Trust: 0.8
CARNEGIE MELLON:	VU#570768
value:	7.02
Trust: 0.8
CNNVD:	CNNVD-200512-654
value:	HIGH
Trust: 0.6
VULHUB:	VHN-13551
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2005-2342
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-13551
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#392920 // CERT/CC: VU#570768 // VULHUB: VHN-13551 // CNNVD: CNNVD-200512-654 // NVD: CVE-2005-2342

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-2342

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200512-654

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200512-654

EXTERNAL IDS

db:	CERT/CC	id:	VU#392920	Trust: 2.6
db:	BID	id:	16100	Trust: 2.0
db:	NVD	id:	CVE-2005-2342	Trust: 2.0
db:	SECUNIA	id:	18277	Trust: 1.9
db:	VUPEN	id:	ADV-2006-0011	Trust: 1.7
db:	SECTRACK	id:	1015427	Trust: 1.7
db:	CERT/CC	id:	VU#570768	Trust: 0.9
db:	CNNVD	id:	CNNVD-200512-654	Trust: 0.7
db:	VULHUB	id:	VHN-13551	Trust: 0.1
db:	PACKETSTORM	id:	42737	Trust: 0.1

sources: CERT/CC: VU#392920 // CERT/CC: VU#570768 // VULHUB: VHN-13551 // BID: 16100 // PACKETSTORM: 42737 // CNNVD: CNNVD-200512-654 // NVD: CVE-2005-2342

REFERENCES

url:	http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167898	Trust: 2.9
url:	http://www.kb.cert.org/vuls/id/392920	Trust: 1.8
url:	http://www.securityfocus.com/bid/16100	Trust: 1.7
url:	http://securitytracker.com/id?1015427	Trust: 1.7
url:	http://secunia.com/advisories/18277	Trust: 1.7
url:	http://events.ccc.de/congress/2005/fahrplan/events/596.en.html	Trust: 1.6
url:	http://www.blackberry.com/knowledgecenterpublic/livelink.exe/?func=doc.fetch&nodeid=739746	Trust: 1.6
url:	http://www.vupen.com/english/advisories/2006/0011	Trust: 1.1
url:	http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/8021/728075/728850/728215/?nodeid=1167895	Trust: 0.9
url:	http://www.blackberry.com/knowledgecenterpublic/livelink.exe/?func=doc.fetch&nodeid=817014	Trust: 0.8
url:	http://www.blackberry.com/knowledgecenterpublic/livelink.exe/?func=doc.fetch&nodeid=780409	Trust: 0.8
url:	http://www.frsirt.com/english/advisories/2006/0011	Trust: 0.6
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/product/6715/	Trust: 0.1
url:	http://secunia.com/product/4531/	Trust: 0.1
url:	http://secunia.com/advisories/18277/	Trust: 0.1
url:	http://secunia.com/product/4530/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1
url:	http://www.kb.cert.org/vuls/id/570768	Trust: 0.1

sources: CERT/CC: VU#392920 // CERT/CC: VU#570768 // VULHUB: VHN-13551 // BID: 16100 // PACKETSTORM: 42737 // CNNVD: CNNVD-200512-654 // NVD: CVE-2005-2342

CREDITS

Discovery is credited to FX of Phenoelit.

Trust: 0.9

sources: BID: 16100 // CNNVD: CNNVD-200512-654

SOURCES

db:	CERT/CC	id:	VU#392920
db:	CERT/CC	id:	VU#570768
db:	VULHUB	id:	VHN-13551
db:	BID	id:	16100
db:	PACKETSTORM	id:	42737
db:	CNNVD	id:	CNNVD-200512-654
db:	NVD	id:	CVE-2005-2342

LAST UPDATE DATE

2024-08-14T14:00:27.286000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#392920	date:	2008-11-24T00:00:00
db:	CERT/CC	id:	VU#570768	date:	2006-01-09T00:00:00
db:	VULHUB	id:	VHN-13551	date:	2011-03-08T00:00:00
db:	BID	id:	16100	date:	2005-12-30T00:00:00
db:	CNNVD	id:	CNNVD-200512-654	date:	2007-06-04T00:00:00
db:	NVD	id:	CVE-2005-2342	date:	2011-03-08T02:24:08.237

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#392920	date:	2005-12-31T00:00:00
db:	CERT/CC	id:	VU#570768	date:	2005-12-30T00:00:00
db:	VULHUB	id:	VHN-13551	date:	2005-12-31T00:00:00
db:	BID	id:	16100	date:	2005-12-30T00:00:00
db:	PACKETSTORM	id:	42737	date:	2006-01-03T02:31:52
db:	CNNVD	id:	CNNVD-200512-654	date:	2005-12-31T00:00:00
db:	NVD	id:	CVE-2005-2342	date:	2005-12-31T05:00:00