Critical vulnerabilities in all BES installations prior BES 5.0.4 MR2

Are you using the Zimbra Connector for BlackBerry? Post your comments and questions here.
Post Reply
aiko
Posts: 14
Joined: Fri Sep 12, 2014 11:40 pm

Critical vulnerabilities in all BES installations prior BES 5.0.4 MR2

Post by aiko »

Please update to BES 5.0.4 MR2 as soon as this bug is fixed:

https://bugzilla.zimbra.com/show_bug.cgi?id=78414

(Summary: "Official support for BES 5.0.4")
There are also some workarounds mentioned. They look like doing a snapshot before is a good idea. :)
Please, have a look at those pages for more details:

BlackBerry Enterprise Server vulnerable to dangerous TIFFs - The H Security: News and Features

KB33425-BSRT-2013-003 Vulnerabilities in BlackBerry Enterprise Server components that process images could allow remote code execution
Kind regards and happy patching,

Aiko
Post Reply