Vulnerabilities in the PDF distiller of the BlackBerry Attachment Service for the BlackBerry Enterprise Server
Contents [show]
Products
Environment
Overview
Problem
Resolution
Workaround
Additional Information
Doc ID: KB19860
Modified Date: 12-01-2009
Document Type: Security_Advisory
Print this page
Products
* BlackBerry® Enterprise Server
* BlackBerry® Professional Software
Environment
Research In Motion (RIM) has tested the following software to determine which versions or editions are affected. Other versions or editions are past their support life cycle.
Affected Software
Software
Component/Functionality
Severity Rating (CVSS score)
BlackBerry Enterprise Server software version 5.0.0 running on Microsoft® Windows® version 2003 or 2008
PDF distiller
5.7*
BlackBerry Enterprise Server software version 5.0.0 running on Microsoft Windows version 2000
PDF distiller
9.3
BlackBerry Enterprise Server software version 4.1 Service Pack 3 (4.1.3) through 4.1 Service Pack 7 (4.1.7)
PDF distiller
9.3
BlackBerry Professional Software 4.1 Service Pack 4 (4.1.4)
PDF distiller
9.3
* The lower CVSS score of 5.7 is due to the default availability of defensive tools that mitigate the vulnerabilities in this software configuration only. For more information, see
http://technet.microsoft.com/en-us/l...98(WS.10).aspx.
Non-Affected Software
*
BlackBerry Enterprise Server version 4.1.2 and earlier
*
BlackBerry® Device Software on all BlackBerry smartphones
*
BlackBerry® Desktop Software
Overview
This advisory describes security issues that the BlackBerry Attachment Service component of the BlackBerry Enterprise Server is susceptible to. The issues relate to the handling of malformed and possibly malicious PDF files.
Issue Severity: These vulnerabilities each have a Common Vulnerability Scoring System (CVSS) score of 9.3 or 5.7 (dependent on the software configuration).
Issue Status: Vulnerabilities confirmed. Software containing security update released.
Recommendation: Complete the resolution actions documented in this advisory.
Related BlackBerry security advisories: KB18327, KB17953, KB15766, KB17118
This advisory does not replace the advisories listed above, which describe earlier, similar vulnerabilities. Customers affected by the issues described in this advisory should also review the earlier advisories for descriptions of the earlier vulnerabilities. However, for the convenience of affected customers, the software update in this security advisory also includes the fixes from the earlier advisories.
Problem
Multiple security vulnerabilities exist in the PDF distiller of some released versions of the BlackBerry Attachment Service component of the BlackBerry Enterprise Server. These vulnerabilities could enable a malicious individual to send an email message containing a specially crafted PDF file, which when opened for viewing on a BlackBerry smartphone that is associated with a user account on a BlackBerry Enterprise Server, could cause memory corruption and possibly lead to a Denial of Service (DoS) condition or arbitrary code execution on the computer that hosts the BlackBerry Attachment Service component of that BlackBerry Enterprise Server.
Resolution
RIM has issued the following releases and interim security software updates that resolve these vulnerabilities in affected versions of the BlackBerry Enterprise Server and BlackBerry Professional Software.
For BlackBerry Enterprise Server version 5.0 for Microsoft Exchange and IBM® Lotus® Domino®
* Visit
http://www.blackberry.com/go/serverdownloads to upgrade to BlackBerry Enterprise Server Version 5.0.1 or later, or obtain Interim Security Update 3 for BlackBerry Enterprise Server software version 5.0.0.
For BlackBerry Enterprise Server version 4.1.7 for Microsoft Exchange and IBM Lotus Domino
* Visit
http://www.blackberry.com/go/serverdownloads to obtain Interim Security Update 1 for BlackBerry Enterprise Server software version 4.1.7.
For BlackBerry Enterprise Server version 4.1.6 for Microsoft Exchange and IBM Lotus Domino
* Visit
http://www.blackberry.com/go/serverdownloads to upgrade to BlackBerry Enterprise Server Version 4.1.6 MR8 or later.
For BlackBerry Enterprise Server version 4.1.6 for Novell® GroupWise®
* Visit
http://www.blackberry.com/go/serverdownloads to upgrade to BlackBerry Enterprise Server Version 4.1.6 MR6 or later.
For BlackBerry Enterprise Server version 4.1.4
* Visit
http://www.blackberry.com/go/serverdownloads to upgrade to BlackBerry Enterprise Server Version 4.1.6 MR8 or later, or obtain Interim Security Update 5 for BlackBerry Enterprise Server software version 4.1.4.
For BlackBerry Professional Software
* Visit
http://na.blackberry.com/eng/support...b_professional to obtain Interim Security Update 5 for affected BlackBerry Professional Software versions.
Workaround
Note: As a mobile device best practice, RIM recommends that BlackBerry smartphone users open attachments from trusted sources only.
Prevent the BlackBerry Attachment Service from processing PDF files in a BlackBerry Enterprise Server environment
The administrator can prevent the BlackBerry Attachment Service from processing PDF files by editing the list of file format extensions that the BlackBerry Attachment Service opens, and then preventing the PDF attachment distiller from running on the BlackBerry Attachment Service.
To remove the PDF file extension from the list of supported file format extensions, complete the following actions:
For BlackBerry Enterprise Server versions earlier than 5.0, and BlackBerry Professional Software
1.
From the Windows Desktop, open the BlackBerry Server Configuration tool.
2.
Click the Attachment Server tab.
3.
In the Format Extensions field, delete pdf: from the colon–delimited list of extensions.
4.
Click Apply.
5.
Click OK.
For BlackBerry Enterprise Server version 5.0 or later
1. In the BlackBerry Administration Service, on the Servers and components menu, expand BlackBerry Solution topology > BlackBerry Domain > Component view > Attachment > Connector.
2. Click the BlackBerry Attachment Connector instance that is associated with the BlackBerry Attachment Service that you want to change.
3. In the Suport Attachment Server instances tab, click Edit instance.
4. Click the Edit icon.
5. Click the Delete icon for the PDF extension.
6. Click Save all.
Until the administrator prevents the PDF attachment distiller from running, the BlackBerry Attachment Service still detects a PDF file with a renamed extension (in other words, its extension is not .pdf) and attempts to process the file automatically. To prevent the PDF attachment distiller from running, complete the following actions:
For BlackBerry Enterprise Server versions earlier than 5.0, and BlackBerry Professional Software
1.
On the Windows Desktop, open the BlackBerry Server Configuration tool.
2.
Click the Attachment Server tab.
3.
In the Configuration Option drop-down list, select Attachment Server.
4.
In the Distiller Settings section, next to the distiller name Adobe PDF, clear the check box in the Enabled column.
5.
Click Apply.
6.
Click OK.
7.
On the Windows Desktop, in Administrative Tools, open Services.
8.
Right-click BlackBerry Attachment Service and click Stop.
9.
Right-click BlackBerry Attachment Service and click Start.
10.
Close Services.
For BlackBerry Enterprise Server version 5.0 or later
1.
In the BlackBerry Administration Service, on the Servers and components menu, expand BlackBerry Solution topology > BlackBerry Domain > Component view > Attachment > Server.
2.
Click the instance that you want to change.
3.
Click Edit instance.
4.
In the Distiller section, in the Allowed column, specify which distillers are supported for the instance.
5.
Click Save.
6.
Restart the BlackBerry Attachment Service.
For all versions
In Microsoft Exchange and Novell GroupWise environments , complete the following additional steps:
1. On the Windows Desktop, in Administrative Tools, open Services.
2. Right-click BlackBerry Dispatcher and click Stop.
3. Right-click BlackBerry Dispatcher and click Start.
4. Close Services.
Note: Restarting BlackBerry Enterprise Server services might delay message delivery to BlackBerry devices. For more information, see KB04789.
In IBM Lotus Domino environments, complete the following additional steps:
For BlackBerry Enterprise Server versions earlier than 5.0, and BlackBerry Professional Software
1.
Open the Lotus Domino Administrator.
2.
Click the Server tab.
3.
Click the Status tab.
4.
Click Server Console.
5.
In the Domino Command field, type tell BES quit and press ENTER.
6.
In the Domino Command field, type load BES and press ENTER.
7.
Close the Lotus Domino Administrator.
For BlackBerry Enterprise Server version 5.0 or later
Note: The administrator should not use the IBM Lotus Domino console to stop and start the BlackBerry Messaging Agent. If the administrator uses the IBM Lotus Domino console, the BlackBerry Messaging Agent libraries might not load properly and, if the administrator configures high availability, the BlackBerry Messaging Agent might not start correctly as the primary or standby instance.
1. Stop and start the BlackBerry Controller service and BlackBerry Dispatcher service in the Windows Services, or stop and start the BlackBerry Enterprise Server in the BlackBerry Administration Service.
Additional Information
Network Segmentation
The administrator can install the BlackBerry Attachment Service on a remote computer and then place that computer on its own network segment to prevent the spread of potential attacks from the BlackBerry Attachment Service to another computer within your organization’s network. In a segmented network, attacks are isolated and contained on a single area of the network. Using segmented network architecture is designed to improve the security and performance of the BlackBerry Attachment Service network segment by filtering out attachment data that is not destined for other network segments. For more information about placing the BlackBerry Enterprise Solution components in a network architecture that is segmented to prevent the spread of potential malware attacks, see Placing the BlackBerry Enterprise Solution in a Segmented Network.
CVSS
CVSS is a vendor agnostic, industry open standard designed to convey the severity of vulnerabilities. CVSS scores may be used to determine the urgency for update deployment within an organization. CVSS scores range from 0.0 (no vulnerability) to 10.0 (critical). RIM uses CVSS in vulnerability assessments to present an immutable characterization of security issues. RIM assigns all security relevant issues a non-zero score.
BlackBerry Security
Visit
www.blackberry.com/security for more information on BlackBerry security.
Disclaimer
By downloading, accessing or otherwise using the Knowledge Base documents you agree:
(a) that the terms of use for the documents found at
http://www.blackberry.com/support/kn...sclaimer.shtml apply to your use or reference to these documents; and
(b) not to copy, distribute, disclose or reproduce, in full or in part any of the documents without the express written consent of RIM.
Visit the BlackBerry Technical Solution Center at
http://www.blackberry.com/btsc.
New PDF Vulnerability
Linear Mode
