Title: Dell Latitude C800 BIOS Suspended Session Bypassing Vulnerability
Severity: MODERATE
Description:
Latitude is one of the makes of laptops available from Dell.
A problem has been discovered in the Latitude BIOS which could allow a person with physical access to the laptop to gain access to sensitive information. Passwords, cookies, and other sensitive data may be retrieved.
The problem is due to the interaction between the BIOS and the suspend option included with Dell Latitude laptops. By design, the Latitude can suspend a session so that, when the laptop is restarted, it resumes operation as though it had never been powered down.
When the laptop is powered down, the contents of memory are dumped to the suspend partition. The suspend partition is then marked with a bootable flag. When the laptop is restarted, it loads the contents of the suspend partition into memory and resumes operation.
If another boot medium, such as a boot floppy or CD-ROM, is used with the laptop, the operating system on the laptop may be booted. This could allow a person with local access to the machine to extract the contents of the suspended session.
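An audit check for the on-disk state described above, added here as an example and not part of the original advisory: it parses an MBR partition table and reports any suspend partition whose bootable flag is set. The type IDs 0x84 and 0xA0 are the hibernation types listed by Linux fdisk; that the C800 uses one of them is an assumption, and the function names and sample disk layout are constructed for illustration.

```python
import struct

# MBR type IDs conventionally used for laptop suspend-to-disk partitions
# (as listed by Linux fdisk). Assumption: the advisory does not name the C800's type ID.
HIBERNATION_TYPES = {0x84: "Intel/APM hibernation", 0xA0: "laptop BIOS hibernation"}


def parse_mbr(sector: bytes):
    """Return the non-empty primary partition entries of a 512-byte MBR."""
    if len(sector) < 512 or sector[510:512] != b"\x55\xaa":
        raise ValueError("not a valid MBR sector (missing 0x55AA signature)")
    entries = []
    for i in range(4):
        raw = sector[446 + 16 * i: 462 + 16 * i]
        # status(1) CHS-start(3) type(1) CHS-end(3) LBA-start(4) sector-count(4)
        status, ptype, lba, count = struct.unpack("<B3xB3xII", raw)
        if ptype != 0:
            entries.append({"index": i + 1, "bootable": status == 0x80,
                            "type": ptype, "lba_start": lba, "sectors": count})
    return entries


def audit_suspend_partitions(sector: bytes):
    """Flag suspend partitions; a set boot flag is the state the advisory describes."""
    findings = []
    for e in parse_mbr(sector):
        if e["type"] in HIBERNATION_TYPES:
            findings.append({**e, "kind": HIBERNATION_TYPES[e["type"]],
                             "suspended_session_present": e["bootable"]})
    return findings


def build_sample_mbr():
    """Constructed sample: an OS partition plus a bootable suspend partition."""
    sector = bytearray(512)
    def entry(status, ptype, lba, count):
        return struct.pack("<B3xB3xII", status, ptype, lba, count)
    sector[446:462] = entry(0x00, 0x0B, 63, 39_000_000)         # FAT32 OS partition
    sector[462:478] = entry(0x80, 0xA0, 39_000_063, 1_100_000)  # suspend partition, boot flag set
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)


if __name__ == "__main__":
    for f in audit_suspend_partitions(build_sample_mbr()):
        state = "holds a suspended session (boot flag set)" if f["suspended_session_present"] else "idle"
        print(f"partition {f['index']}: type 0x{f['type']:02X} {f['kind']}, {state}")
```

To audit a real machine, pass the first 512 bytes of a disk image taken from it to `audit_suspend_partitions`.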
Affected Products:
- Dell Latitude C800 0.0.0A09
- Dell Latitude C800 0.0.0A10
- Dell Latitude C800 0.0.0A11
- Dell Latitude C800 0.0.0A12
- Dell Latitude C800 0.0.0A13