| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 14 Oct 2005 02:57:42 -0000 From: none@...urityfocus.com To: bugtraq@...urityfocus.com Subject: Trusted Digital, Trusted Mobility Suite Authorization Bypass Vulnerability Trusted Digital, Trusted MObility Suite Authorization Bypass Vulnerability Affected applications Trusted Mobility Agent PC Policy Versions: All Backgroud: Trusted Mobility Suite detects, controls and centrally manages mobile devices. It also pushes security policy and disables lost or stolen devices. It offers robust protection of PDA devices with simple management tools to ensure that security is maintained. Workstations have a client installed that disallows syncing if users are not authorized to sync, along with several other features. When a user attempts to sync for the first time, the PC Policy windows opens. The user is required to enter their Domain username and password. Description: When the PC Policy Window opens, the user can click on the cancel button, open activesync or other syncing software, and sync handheld device. The PC Policy window will periodially come back up, user can continue to cancel and resync handheld device with no problem. Solution: The vendor has been contacted well over two months ago. Was told a beta was in testing but nothing has been released yet.
Powered by blists - more mailing lists