Re: Airscanner Mobile Security Advisory #05082201: File Transfer Anywhere v3.01 Local Server Password Disclosure
Dear contact@xxxxxxxxxxxxxx,
Wow! Local information leak for Pocket PC ;)
The problem is exploitation is not trivial - it requires local attacker
to be able to install software, because (as far as I know) there is no
default application for Windows for Mobile to browse registry. Because
Windows for Mobile is not real multi-user system, this issue can not be
classified as security one.
--Wednesday, September 14, 2005, 3:31:18 AM, you wrote to
bugtraq@xxxxxxxxxxxxxxxxx:
cac> File Transfer Anywhere v3.01 Local Server Password Disclosure
cac> Mobile device running Windows Mobile Pocket PC with Transfer
--
~/ZARAZA
http://www.security.nnov.ru/