lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 16 Sep 2005 18:29:47 +0400 From: 3APA3A <3APA3A@...URITY.NNOV.RU> To: contact@...scanner.com Cc: bugtraq@...urityfocus.com Subject: Re: Airscanner Mobile Security Advisory #05082201: File Transfer Anywhere v3.01 Local Server Password Disclosure Dear contact@...scanner.com, Wow! Local information leak for Pocket PC ;) The problem is exploitation is not trivial - it requires local attacker to be able to install software, because (as far as I know) there is no default application for Windows for Mobile to browse registry. Because Windows for Mobile is not real multi-user system, this issue can not be classified as security one. --Wednesday, September 14, 2005, 3:31:18 AM, you wrote to bugtraq@...urityfocus.com: cac> File Transfer Anywhere v3.01 Local Server Password Disclosure cac> Mobile device running Windows Mobile Pocket PC with Transfer -- ~/ZARAZA http://www.security.nnov.ru/
Powered by blists - more mailing lists