Bugtraq mailing list archives

Re: Airscanner Mobile Security Advisory #05082201: File Transfer Anywhere v3.01 Local Server Password Disclosure

From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Fri, 16 Sep 2005 18:29:47 +0400

Dear contact () airscanner com,

Wow!  Local  information leak for Pocket PC ;)

The  problem is exploitation is not trivial - it requires local attacker
to  be  able to install software, because (as far as I know) there is no
default  application  for Windows for Mobile to browse registry. Because
Windows  for Mobile is not real multi-user system, this issue can not be
classified as security one.


--Wednesday, September 14, 2005, 3:31:18 AM, you wrote to bugtraq () securityfocus com:

cac> File Transfer Anywhere v3.01 Local Server Password Disclosure

cac> Mobile  device  running  Windows  Mobile  Pocket  PC  with Transfer


-- 
~/ZARAZA
http://www.security.nnov.ru/

Current thread:

Airscanner Mobile Security Advisory #05082201: File Transfer Anywhere v3.01 Local Server Password Disclosure contact (Sep 15)
- Re: Airscanner Mobile Security Advisory #05082201: File Transfer Anywhere v3.01 Local Server Password Disclosure 3APA3A (Sep 19)