<<< Date Index >>>     <<< Thread Index >>>

Re: Airscanner Mobile Security Advisory #05082201: File Transfer Anywhere v3.01 Local Server Password Disclosure



Dear contact@xxxxxxxxxxxxxx,

Wow!  Local  information leak for Pocket PC ;)

The  problem is exploitation is not trivial - it requires local attacker
to  be  able to install software, because (as far as I know) there is no
default  application  for Windows for Mobile to browse registry. Because
Windows  for Mobile is not real multi-user system, this issue can not be
classified as security one.


--Wednesday, September 14, 2005, 3:31:18 AM, you wrote to 
bugtraq@xxxxxxxxxxxxxxxxx:

cac> File Transfer Anywhere v3.01 Local Server Password Disclosure

cac> Mobile  device  running  Windows  Mobile  Pocket  PC  with Transfer


-- 
~/ZARAZA
http://www.security.nnov.ru/