[40380] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Airscanner Mobile Security Advisory #05082201: File Transfer Anywhere v3.01 Local Server Password Disclosure

daemon@ATHENA.MIT.EDU (3APA3A)
Mon Sep 19 13:13:27 2005

Date: Fri, 16 Sep 2005 18:29:47 +0400
From: 3APA3A <3APA3A@SECURITY.NNOV.RU>
Reply-To: 3APA3A <3APA3A@SECURITY.NNOV.RU>
Message-ID: <1117675459.20050916182947@SECURITY.NNOV.RU>
To: contact@airscanner.com
Cc: bugtraq@securityfocus.com
In-Reply-To: <20050913233118.21993.qmail@securityfocus.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Dear contact@airscanner.com,

Wow!  Local  information leak for Pocket PC ;)

The  problem is exploitation is not trivial - it requires local attacker
to  be  able to install software, because (as far as I know) there is no
default  application  for Windows for Mobile to browse registry. Because
Windows  for Mobile is not real multi-user system, this issue can not be
classified as security one.

--Wednesday, September 14, 2005, 3:31:18 AM, you wrote to bugtraq@securityfocus.com:

cac> File Transfer Anywhere v3.01 Local Server Password Disclosure

cac> Mobile  device  running  Windows  Mobile  Pocket  PC  with Transfer

-- 
~/ZARAZA
http://www.security.nnov.ru/


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[40380] in bugtraq

Re: Airscanner Mobile Security Advisory #05082201: File Transfer Anywhere v3.01 Local Server Password Disclosure

daemon@ATHENA.MIT.EDU (3APA3A)Mon Sep 19 13:13:27 2005

daemon@ATHENA.MIT.EDU (3APA3A)
Mon Sep 19 13:13:27 2005