Results 1 to 13 of 13

from this article, i couldn't find the patch they were referring to. Is this true? ... BlackBerry Pearl forum

  1. #1
    ericalba's Avatar
    ericalba no está en línea Stack level 1
    Join Date
    Mar 2007
    Posts
    4

    RIM BlackBerry Pearl 8100 Browser DoS

    Advertisement



    from this article, i couldn't find the patch they were referring to. Is this true?

    www.securityfocus.com/archive/1/462589

    ----

    12 March 2007

    Summary:
    A vulnerability has been discovered that could impact upon the availability of the BlackBerry 8100 Wireless handheld (v4.2.0.51). It is possible for a remote attacker to construct a WML page that contains an overly long string value within a link (e.g.: <a href = "aaaaaaaaaaaaaaaaaaa etc.>). Should the page or link be accessed by BlackBerry devices, this leads to a temporary Denial of Service within the 4thPass browser component on the device, and temporary device inoperability. Normal functionality will be returned to the browser / device after an amount of time relative to the size of the link supplied, or by physically removing and reinserting the battery thereby creating a reset.

    Business Impact:
    Exploitation of this issue can lead to a loss of device functionality.

    Affected Product(s):
    The BlackBerry 8100 (Pearl) handheld device (v4.2.0.51)

    Remediation:
    Upgrade to vendor patch 4.2.1

    Additional details of this vulnerability are available from the vendor at www.blackberry.com/security/news.jsp

    Credit:
    Michael Kemp (www.clappymonkey.com)
    Last edited by cp6169; 03-13-2007 at 12:17 AM.

  2. #2
    cp6169's Avatar
    cp6169 no está en línea Device Pro
    Join Date
    Mar 2006
    PIN/ID
    3056468b
    Posts
    14,661

    Re: RIM BlackBerry Pearl 8100 Browser DoS

    Interesting?
    Last edited by cp6169; 03-13-2007 at 12:57 AM.

  3. #3
    ziminvades's Avatar
    ziminvades no está en línea Stack level 4
    Join Date
    Oct 2006
    PIN/ID
    Ask Me
    Posts
    702

    Re: RIM BlackBerry Pearl 8100 Browser DoS

    Is this a legit page. I worry about down loading anything that is not from a known vendor (wap.pinstack.com)~

  4. #4
    kayos72's Avatar
    kayos72 no está en línea Stack level 7
    Join Date
    Oct 2006
    PIN/ID
    ask me
    Posts
    3,504

    Re: RIM BlackBerry Pearl 8100 Browser DoS

    hold on tryin it now!
    Been a long while since last login. Sorry all, adjusting to a new life is great and hell at the same time!!

  5. #5
    kayos72's Avatar
    kayos72 no está en línea Stack level 7
    Join Date
    Oct 2006
    PIN/ID
    ask me
    Posts
    3,504

    Re: RIM BlackBerry Pearl 8100 Browser DoS

    DO NOT HIT THIS!!!!!!!!!
    while I am waiting for my bb to restart. got the darn hourglass on that link.
    it's cool, warranty
    I am curious how someone with 2 posts was able to posta link?
    any ideas?
    edit, all is cool I am stupid and have a warranty so let's try again
    DEE DE DEE
    Been a long while since last login. Sorry all, adjusting to a new life is great and hell at the same time!!

  6. #6
    kayos72's Avatar
    kayos72 no está en línea Stack level 7
    Join Date
    Oct 2006
    PIN/ID
    ask me
    Posts
    3,504

    Re: RIM BlackBerry Pearl 8100 Browser DoS

    ok so all this link does is make the hourglass appear kinda freaks you out but after a restart all is cool.
    be warned people will fall for this!
    Sounds like someone trying to hack the bb?
    Gonna watch my bill, all it said was running script.
    guess the script was the hourglass
    Been a long while since last login. Sorry all, adjusting to a new life is great and hell at the same time!!

  7. #7
    GotPearl?'s Avatar
    GotPearl? no está en línea Stack level 5
    Join Date
    Dec 2006
    Posts
    1,168

    Re: RIM BlackBerry Pearl 8100 Browser DoS

    Quote Originally Posted by kayos72
    ok so all this link does is make the hourglass appear kinda freaks you out but after a restart all is cool.
    be warned people will fall for this!
    Sounds like someone trying to hack the bb?
    Gonna watch my bill, all it said was running script.
    guess the script was the hourglass
    Wait so it does nothing?

  8. #8
    kayos72's Avatar
    kayos72 no está en línea Stack level 7
    Join Date
    Oct 2006
    PIN/ID
    ask me
    Posts
    3,504

    Re: RIM BlackBerry Pearl 8100 Browser DoS

    if you like the hourglass it will be great for ya!!!
    Been a long while since last login. Sorry all, adjusting to a new life is great and hell at the same time!!

  9. #9
    reddog187's Avatar
    reddog187 no está en línea Stack Moderator
    Join Date
    Dec 2006
    PIN/ID
    STACK
    Posts
    8,907

    Re: RIM BlackBerry Pearl 8100 Browser DoS

    That's what kayos says. It doesn't look trust worthy since the poster only has 2 posts and is putting up LINKS to sites. I smell fish!

  10. #10
    kayos72's Avatar
    kayos72 no está en línea Stack level 7
    Join Date
    Oct 2006
    PIN/ID
    ask me
    Posts
    3,504

    Re: RIM BlackBerry Pearl 8100 Browser DoS

    YUP.
    but as many of you know I will try anything on my bb.
    warranty is a great word!!
    sent a PM to the poster and nothing yet????
    Been a long while since last login. Sorry all, adjusting to a new life is great and hell at the same time!!

  11. #11
    ericalba's Avatar
    ericalba no está en línea Stack level 1
    Join Date
    Mar 2007
    Posts
    4

    Re: RIM BlackBerry Pearl 8100 Browser DoS

    Quote Originally Posted by reddog187
    That's what kayos says. It doesn't look trust worthy since the poster only has 2 posts and is putting up LINKS to sites. I smell fish!
    I'm asking if the story at the link is true or not. Check the link with your normal browser, it's the article I quoted. The article actually refers to the DOS attack as a form of hanging the BB browser (hence the hourglass for some of you I assume).

    I only gave a link to the story page that was talking about it, the source of the original information as well as the actual RIM/Blackberry news site with a possible patch. (which I said I couldn't find)

    2 posts, ya, i signed up a week ago and i'm asking questions and had to refer to a link. how the hell else is a pinstack noob supposed to refer to a specific link? Oh, and when i posted the links i originally just spaced the urls with [dot], etc. to comply with the posting guidelines.

    nice welcome wagon pinstackers.

  12. #12
    reddog187's Avatar
    reddog187 no está en línea Stack Moderator
    Join Date
    Dec 2006
    PIN/ID
    STACK
    Posts
    8,907

    Re: RIM BlackBerry Pearl 8100 Browser DoS

    Oh that's my bad. Sorry

    As for the vulnerability I believe it's referring to the Desktop Manager.
    The lastest version is 4.2.1.8 as of Jan 16 2007

    Again sorry for the mix up, just seemed out of the ordinary with the links.

  13. #13
    xxxsublimexx's Avatar
    xxxsublimexx no está en línea Stack level 2
    Join Date
    Feb 2007
    Posts
    68

    Re: RIM BlackBerry Pearl 8100 Browser DoS

    Hope this helps lmao

    ~via BB (wap.pinstack.com)~

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •