BES Security Alert

Comments

FX has reported some vulnerabilities in BlackBerry Enterprise Server, which can be exploited by malicious people to cause a DoS (Denial of Service). Successful exploitation requires that the attacker is able to connect to the BlackBerry Server/Router via port 3101/tcp. The vulnerabilities have been reported in BlackBerry Enterprise Server version 4.0 and later.

Make sure the BlackBerry Enterprise Server and BlackBerry Router residing within the corporate network are located behind the corporate firewall. The most likely method of exploiting this configuration must be executed by an inside attacker. Proper firewall configuration can also ensure that BlackBerry Router components in a demilitarized zone (DMZ) are not susceptible to attacks from external sources.


Under normal circumstances, this should be viewed as an internal-only vulnerability because the BlackBerry Router will only communicate with the BlackBerry Infrastructure. An external user attempting to exploit this needs to manipulate Domain Name System (DNS) queries. This results in a denial of service and does not require any further action to interrupt connectivity to external services. Enterprises can mitigate the risk of DNS hijacking by creating static entries in their local DNS or HOSTS tables for the BlackBerry Infrastructure.