Ads SecureOL VE2 Information Disclosure Saturday, 10 September 2005 Summary VE2 provides "two separate virtual environments (Secured and Public) to ensure corporate security and to provide secured and free access to the WEB while protecting the enterprise". A vulnerability in the way the VE2 product separates the two zones allows attackers residing in the public area to read content from the secured area. Credit: The information has been provided by maxim. Details Vulnerable Systems: * VE2 version 1.05.1008 and prior Immune Systems: * VE2 version 1.05.1009 Windows 16-bit execution support allows direct access to physical memory through \PhysicalMemory device (which is actually a section) for legacy NTVDM and Virtual Real Mode of the processor, accessing physicalmemory from Public Environment provides direct bridge to Secured Environment processes memory. Proof of concept: The following URL provdes some additional details on the vulnerability: http://cybermessageboard.xeran.com/secureol/viewtopic.php?t=26   < Prev   Next > [ Back ]

Main Menu SpamAlerts | Windows | Linux | Tutorials | Excell | WhitePapers | News | Spam | Virus Windows Focus VNews Vulnerability Hacking Sql Injection map Downloads Affiliates Online Store Free Ringtones Seo Directory IWebListin Jobs in India Freshers Jobs listings. Winkeyfinder

Copyright 2005-2007 SpamAlertz.com, Content on this site is From variuos other emails, and Advisories.