Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: [Rival] HUGE Flaw in Windows Mobile Permits Hijacking


On Jan 30, 4:58 am, "Ezekiel" <Z...@xxxxx> wrote:
> "Roy Schestowitz" <newsgro...@xxxxxxxxxxxxxxx> wrote in message
>
> news:2531820.djQCTRkLCc@xxxxxxxxxxxxxxxxxx
>
>
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
>
> > Windows Mobile Bluetooth vulnerability allows access to any files
>
> > ,----[ Quote ]
> > | A directory traversing vulnerability in the Bluetooth OBEX-FTP server
> > of
> > | Windows Mobile 6 allows attackers to access files outside of the
> > permitted
> > | list. According to the report, using "../" or "..\\" as part of the
> > path
> > | name, is sufficient to traverse to other directories. An attacker could
> > use
> > | the technique to copy files from a device, or to install their own
> > software,
> > | such as a key logger, or other spyware.
> > `----
>
> >http://www.heise.de/english/newsticker/news/122502
>
> Yeah  -  it's certainly a bug. But of course a dishonest lying scumbag like
> Roy Schestowitz would intentionally leave out this sentence:
>
> <quote>
> The issue does require that the targeted hand held device is paired with
> the attacking device, which is usually only possible with the owner's
> consent.
> </quote>

"usually" ??? What's this "usually" part?  Does that mean like "but
not required"?

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index