Hackers Find Security Hole In BlackBerry Enterprise Server

Phenoelit found a problem in the way the server's BlackBerry Router handles Server Routing Protocol packets. An attacker could cause denial of service by sending "specially crafted" packets to the router, according to a vulnerability note posted on the U.S. Computer Emergency Readiness Team's Web site. The result could be disrupted communications between the BlackBerry Enterprise Server and BlackBerry devices, the note states.

In a prepared statement, Research In Motion said it "has already developed software fixes for the issues identified by [the group] and although there have been no customer reports of any actual problems, RIM has also provided temporary precautionary measures that can be taken in the mean time until customers are able to implement the software updates."

RIM asks companies to make sure their BlackBerry Enterprise Server and BlackBerry Router are located behind the corporate firewall. RIM calls it an "internal-only vulnerability" that can be caused by an inside attacker.