Details

    • Feedback Policy:
      We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Description

      The application server accepted a vbscript file, an HTML file containing JavaScript, and the EICAR test virus as allowed attachments. This means that an attacker could submit a malicious file to the backend, where the file might be launched by another internal RIM employee if they click and open the attachment. The files were not checked or blocked from the server, or removed due to file name. These accepted files were able to be directly launched and executed from the application.

      The application server accepted a vbscript file, an HTML file containing JavaScript, and the EICAR test virus as allowed attachments. This means that an attacker could submit a malicious file to the backend, where the file might be launched by another internal RIM employee if they click and open the attachment. The files were not checked or blocked from the server, or removed due to file name. These accepted files were able to be directly launched and executed from the application.

      Impact:
      An attacker may be able to execute code remotely (internal to RIM), or even install a root kit to completely compromise a victim's system. Although endpoint (workstation) anti-malicious code controls are in place to protect RIM's corporate users from malicious files on the file server (i.e. Symantec Endpoint Protection), those files should not make it to the file server in the first place. (Not all systems on the network have up-to-date and adequate protection.) Defence-in-depth would warrant protection at all levels of file input

      An attacker may be able to execute code remotely (internal to RIM), or even install a root kit to completely compromise a victim's system. Although endpoint (workstation) anti-malicious code controls are in place to protect RIM's corporate users from malicious files on the file server (i.e. Symantec Endpoint Protection), those files should not make it to the file server in the first place. (Not all systems on the network have up-to-date and adequate protection.) Defence-in-depth would warrant protection at all levels of file input

      Root Cause: Improper Design / Configuration

      Recommendations:
      Use white-listing validation / verification for the file types accepted. Implement antivirus / anti-malware / deep file type inspection on the accepted files before they pass from the web application server to the file share (if stored separate from the database). Scan the files first before storing in the database.

      Check with the vendor for an attachment filter module or solution / plugin.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              cflinterman@rim.com CF
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: