From the Slashdot.org web site…
An anonymous reader writes “Researchers have found several security holes in Blackberry handheld devices and the servers that power them, according to a story at Washingtonpost.com. The research points out serious flaws in the BlackBerry server, which could be exploited by convincing Blackberry handheld users to click on an image file attachment. From the article: ‘Lindner’s slides from his presentation – which he agreed not to release until RIM has fully fixed this problem – show that the Blackberry server which manages all of the encryption keys needed to unscramble e-mail traffic to and from all Blackberry devices registered on the network stores them on a Microsoft SQL database server in plain, unencrypted text. Lindner found that by convincing a Blackberry user to click on a special image attachment, that handheld device could be made to pass on malicious code to the Blackberry server, which could then be taken over and used to intercept e-mails or as a staging point for other attacks within the network.’”