Windows Mobile 6.0
I shall complete the information related to Bugtraq ID: 33359
Title: HTC / Windows Mobile OBEX FTP Service Directory Traversal
Author: Alberto Moreno Tablado
Vendor: HTC
Vulnerable Products:
- HTC devices running Windows Mobile 6
- HTC devices running Windows Mobile 6.1
Non vulnerable products:
- HTC devices running Windows Mobile 5.0
August 21, 2008
Risk Level:
Medium - Full TCP/IP access via RNDIS protocol over USB from
Windows Mobile device.
Summary:
With the introduction of ActiveSync 4.x, Microsoft significantly
altered how the Windows Mobile device communicates with the host PC.
Title: Microsoft Bluetooth Stack OBEX Directory Traversal
Author: Alberto Moreno Tablado
Vendor: Microsoft
Product: Windows Mobile 6 Professional (Probably Windows Mobile 5.0 for Pocket PC and Windows Mobile 5.0 for Pocket PC Phone Edition)
References: http://www.seguridadmobile.com/windows-mobile/windows-mobile-security/Microsoft-Bluetooth-Stack-Directory-Traversal.html
Description:
Most Windows Mobile 5.0 & 6 devices are shipped with the Microsoft Bluetooth stack; only a few of them use others, like the Widcomm Bluetooth stack. Among all the Bluetooth services that may be implemented in the stack, OBEX FTP is the most common service.
OBEX FTP Bluetooth service can be used to share files through Bluetooth, not only by sending files but also by allowing remote devices to browse local shared folders and download files. Usually, the service is configured in such a way that a specific directory is shared and the user can place there all the files he would like to share with other people. The default directory is My Device\My Documents\Bluetooth Share. A different directory may be selected by the user, however the Bluetooth wizard usually doesn't allow specifying any other from the filesystem out of My Device\My Documents\ or Memory Card\My Documents\ paths. This is because of safety reasons, so the user can't expose sensitive files or information through Bluetooth.
Advisory ID: SYMSA-2007-012
Advisory Title: Microsoft Windows CE IGMP Denial of Service
Author: Ollie Whitehouse / ollie_whitehouse@symantec.com
Release Date: 22-10-2007
Application: Windows CE 5.01 / Windows Mobile 5
Platform: Microsoft Windows
Severity: Denial of Service
Vendor status: Update Available
CVE Number: CVE-2006-0021
Reference: http://www.securityfocus.com/bid/16645
Symantec Vulnerability Research
http://www.symantec.com/research
Security Advisory
Advisory ID: SYMSA-2007-011
Advisory Title: Microsoft Windows Mobile 5 PocketPC Phone Edition
SMS Handler Issue With Regard to Malformed WAP Push
Messages Hiding Source
Author: Ollie Whitehouse / ollie_whitehouse@symantec.com
Release Date: 17-10-2007
Application: Microsoft Windows Mobile 5 PocketPC
------------------------------------------------------------------
XSS and Content Injection in HTC Windows Mobile SMS Preview PopUp
Date: 22.04.2010
-------------------------------------------------------------------
- Description
Windows Mobile shows message previews if configured to do so. Due to missing input validation, the contents of an SMS are not properly sanitized and are interpreted as is. This can lead to content injection and XSS.
Overview:
Microsoft ActiveSync 4.1 acts as the gateway between your Windows
powered PC and Windows Mobile powered device, enabling the transfer
of Outlook information, Office documents, pictures, music, videos and
applications from your desktop to your device.
A vulnerability has been discovered in the mechanism that Microsoft
uses to obfuscate the password when it's sent over the USB network
Minimo <=.2 and Firefox 2.0.0.6
http://airscanner.com/security/07080103_minimo.2.htm
Platform:
Tested on Minimo .016 and .2 Windows Mobile Pocket PC 2005 and Firefox
2.0.0.6 Windows XP SP2
Requirements:
Mobile device running Windows Mobile Pocket PC or Firefox 2.0.0.6 on XP
> Additionally, there is more information about NSA's role on Windows
> security software industry provided ('further details regarding which
> publishers and their means of facilitation' mentioned by Cryptome post
> on 1st Nov, link mentioned in Bugtraq post referenced below).
>
> Cryptome: NSA has access to Windows Mobile smartphones
> http://www.securityfocus.com/archive/1/483129
>
> Juha-Matti
-----Original Message-----
From: Juha-Matti Laurio [mailto:juha-matti.laurio@netti.fi]
Sent: Thursday, November 01, 2007 2:16 PM
To: bugtraq@securityfocus.com
Subject: Cryptome: NSA has access to Windows Mobile smartphones
A widely known Web site Cryptome has released information about backdooring
Microsoft Windows machines today.
According to the post National Security Agency has access both stand-alone
Topics Range (but unlimited):
--- Security in new fields
- Vista / Windows
- Web 2.0
- 3G/4G network
- Mobile Handset (Symbian / iPhone / Android / Windows Mobile)
- Banks & Financial institutes
- Business Information System
- Virtualization
- New bug digging
--- Security in new fields
- Vista
- Web 2.0
- 3G/4G network
- Mobile Handset (Symbian / iPhone / Android / Windows Mobile)
- Banks & financial institutes
- Business Information System
- Virtualization
- New vulnerability discovering
SecuriTeam Blogs:
http://blogs.securiteam.com/?p=1052
Additionally, there is more information about NSA's role on Windows security software industry provided ('further details regarding which publishers and their means of facilitation' mentioned by Cryptome post on 1st Nov, link mentioned in Bugtraq post referenced below).
Cryptome: NSA has access to Windows Mobile smartphones
http://www.securityfocus.com/archive/1/483129
Juha-Matti
might be added in a future release. It allows an attacker to crash the
remote web application. This was scored with a CVSS of 5.
o Security-Advisory: TEHTRI-SA-2010-027 - 0day on HTC
TEHTRI-Security found a security issue, and created a client-side attack
0day for HTC Windows Mobile cellphone devices (Opera). HTC was contacted.
o Security-Advisory: TEHTRI-SA-2010-026 - 0day on iPad
TEHTRI-Security found a security issue, and created a client-side attack
0day for the (awesome) iPad device. The code was shared with Apple who
handled this vulnerability quickly, so that a fix might be added to a