Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

RIM BlackBerry Pearl 8100 Browser DoS
From: clappymonkey () gmail com
Date: 12 Mar 2007 11:40:14 -0000
RIM BlackBerry Pearl 8100 Browser DoS
------

12 March 2007

Summary:
A vulnerability has been discovered that could impact upon the availability of the BlackBerry 8100 Wireless handheld 
(v4.2.0.51). It is possible for a remote attacker to construct a WML page that contains an overly long string value 
within a link (e.g.: <a href = "aaaaaaaaaaaaaaaaaaa etc.>). Should the page or link be accessed by BlackBerry devices, 
this leads to a temporary Denial of Service within the 4thPass browser component on the device, and temporary device 
inoperability. Normal functionality will be returned to the browser / device after an amount of time relative to the 
size of the link supplied, or by physically removing and reinserting the battery thereby creating a reset.

Business Impact:
Exploitation of this issue can lead to a loss of device functionality.  

Affected Product(s):
The BlackBerry 8100 (Pearl) handheld device (v4.2.0.51)

Remediation:
Upgrade to vendor patch 4.2.1

Additional details of this vulnerability are available from the vendor at www.blackberry.com/security/news.jsp

Credit:
Michael Kemp (www.clappymonkey.com)

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]