[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Airscanner Mobile Security Advisory #05082201: File Transfer Anywhere v3.01 Local Server Password Disclosure

To: contact@xxxxxxxxxxxxxx
Subject: Re: Airscanner Mobile Security Advisory #05082201: File Transfer Anywhere v3.01 Local Server Password Disclosure
From: 3APA3A <3APA3A@xxxxxxxxxxxxxxxx>
Date: Fri, 16 Sep 2005 18:29:47 +0400

Dear contact@xxxxxxxxxxxxxx,

Wow!  Local  information leak for Pocket PC ;)

The  problem is exploitation is not trivial - it requires local attacker
to  be  able to install software, because (as far as I know) there is no
default  application  for Windows for Mobile to browse registry. Because
Windows  for Mobile is not real multi-user system, this issue can not be
classified as security one.


--Wednesday, September 14, 2005, 3:31:18 AM, you wrote to 
bugtraq@xxxxxxxxxxxxxxxxx:

cac> File Transfer Anywhere v3.01 Local Server Password Disclosure

cac> Mobile  device  running  Windows  Mobile  Pocket  PC  with Transfer


-- 
~/ZARAZA
http://www.security.nnov.ru/

References:
- Airscanner Mobile Security Advisory #05082201: File Transfer Anywhere v3.01 Local Server Password Disclosure
  - From: contact

Prev by Date: ERRATA: [ GLSA 200507-20 ] Shorewall: Security policy bypass
Next by Date: [ GLSA 200509-12 ] Apache, mod_ssl: Multiple vulnerabilities
Previous by thread: Airscanner Mobile Security Advisory #05082201: File Transfer Anywhere v3.01 Local Server Password Disclosure
Next by thread: PTL Advisory 050825 - HP LaserJet Network Username and Information Enumeration
Index(es):
- Date
- Thread