Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Vulnerability In SecureOL VE2 v1.05.1008
From: maxim () secureol com
Date: 7 Sep 2005 12:42:38 -0000
Introduction:

VE2 provides two separate virtual environments (Secured and Public(
To ensure corporate security and to provide secured and free access to 
the WEB while protecting the enterprise.

Summary:
Windows 16-bit execution support allows direct access to physical 
memory through \\PhysicalMemory device (which is actually a section) for
legacy NTVDM and Virtual Real Mode of the processor, accessing physical
memory from Public Environment provides direct bridge to Secured
Environment processes memory.
 
Proof of concept:
http://cybermessageboard.xeran.com/secureol/viewtopic.php?t=26

 Vulnerability submitted by Joe Stewart,
 22.08.05

 Patch Released:
23.08.05  - VE2 v1.05.1009

The information has been provided by Maxim Vainstein: maxim () secureol com

For more information: http://www.secureol.com

  By Date           By Thread  

Current thread:
  • Vulnerability In SecureOL VE2 v1.05.1008 maxim (Sep 07)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]