| Vulnerability Name: | CVE-2005-4789 (CCN-26371) | ||||||||
| Assigned: | 2005-10-07 | ||||||||
| Published: | 2005-10-07 | ||||||||
| Updated: | 2008-09-05 | ||||||||
| Summary: | resmgr in SUSE Linux 9.2 and 9.3, and possibly other distributions, does not properly enforce class-specific exclude rules in some situations, which allows local users to bypass intended access restrictions for USB devices that set their class ID at the interface level. | ||||||||
| CVSS v3 Severity: | 2.8 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Bypass Security | ||||||||
| References: | Source: MITRE Type: CNA CVE-2005-4789 Source: SUSE Type: Patch, Vendor Advisory SUSE-SR:2005:022 Source: CCN Type: OSVDB ID: 25601 Resource Manager resmgr Class-specific Exclude Rule Bypass Source: BID Type: Patch 15037 Source: CCN Type: BID-15037 SUSE ResMgr Unauthorized USB Device Access Vulnerabilities Source: XF Type: UNKNOWN suse-resmgr-exclude-security-bypass(26371) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| Oval Definitions | |||||||||
| |||||||||
| BACK | |||||||||