Tuesday, June 4, 2013

BlackBerry Multiple Bugs


I found 3 bugs in the BlackBerry mobile site, m.blackberry.com, and 2 bugs in the developer site, developer.blackberry.com.

Tested on: OS: Windows 7; Browser: Google Chrome & Firefox (latest versions)

1. URL redirection is sometimes used as part of phishing attacks that confuse visitors about which website they are visiting, or trick them into downloading malicious files.

A remote attacker can redirect users from your website to a URL of their choosing. This can assist phishing attacks, trojan distribution and spam campaigns.


=> Vulnerable URL: http://m.blackberry.com/cps/rde/xchg/blackberrymobile2012/hs.xsl/-/index.html?formregion=//www.apple.com&RememberRegion=yes&submit=GO

The above URL redirects to apple.com because the `formregion` parameter is used as the redirect target without validation; a protocol-relative value such as `//www.apple.com` is enough to leave the site, and it could be replaced with a phishing URL or a file containing malware.

Fix: The script should properly validate the redirect target (user input) before using it, accepting only site-local paths rather than arbitrary URLs.
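As an added illustration (not BlackBerry's code), the following Python check shows how a redirect parameter such as `formregion` can be validated on the server side: it accepts only site-local paths or absolute URLs on an assumed allowed host (`m.blackberry.com` is used here purely as the example host) and rejects the protocol-relative `//host` form used above, along with backslash, userinfo and scheme variants that browsers normalise into an off-site redirect.

```python
from urllib.parse import urlsplit

# Assumed for this example: the only host a redirect is allowed to land on.
SITE_HOST = "m.blackberry.com"
SAFE_SCHEMES = ("http", "https")


def is_safe_redirect(target: str, site_host: str = SITE_HOST) -> bool:
    """Return True only if `target` keeps the user on site_host.

    Rejects the protocol-relative form (//www.apple.com) from the report,
    absolute URLs to other hosts, non-http(s) schemes, userinfo tricks
    (http://site_host@evil.example) and backslash/whitespace variants that
    browsers normalise into '//'.
    """
    if not target:
        return False
    # Browsers treat '\' like '/', so '/\\evil.example' is really '//evil.example'.
    cleaned = target.strip().replace("\\", "/")
    # Control characters or embedded whitespace are never legitimate here.
    if any(ord(c) < 0x20 or c.isspace() for c in cleaned):
        return False
    try:
        parts = urlsplit(cleaned)
    except ValueError:  # e.g. an unbalanced '[' in the host part
        return False
    if parts.scheme and parts.scheme not in SAFE_SCHEMES:
        return False
    if parts.netloc:
        # Absolute or protocol-relative URL: the host must match exactly,
        # which also rejects 'site_host@evil.example' userinfo tricks.
        return parts.netloc.lower() == site_host.lower()
    # No host at all: must be a site-local path with a single leading '/'.
    return cleaned.startswith("/") and not cleaned.startswith("//")


def resolve_redirect(target: str, fallback: str = "/index.html") -> str:
    """Target to send the browser to; unsafe values fall back to a fixed page."""
    if is_safe_redirect(target):
        return target.strip().replace("\\", "/")
    return fallback
```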


2. Path disclosure
Type: Information Disclosure
URL: http://m.blackberry.com/cps/rde/xchg/blackberrymobile2012


The above URL discloses a path on the server: /cps/rde/xchg/SID-B461826F-730AD1C9/blackberrymobile2012


Fix: Handle errors gracefully when a file is not in the location it should be, without revealing internal server paths in the response.


3. Important HTML forms without CSRF protection: /at/de/feedback.html, /at/de/polling1.html


I reported this to BlackBerry PSIRT already & the bugs have been patched by now.

The 2 bugs in the developer site were use of the deprecated SSL 2.0 protocol and support for weak SSL ciphers, which are not very critical.



