| Vulnerability Name: | CVE-2006-2147 (CCN-26160) | ||||||||||||
| Assigned: | 2006-04-30 | ||||||||||||
| Published: | 2006-04-30 | ||||||||||||
| Updated: | 2017-07-20 | ||||||||||||
| Summary: | resmgrd in resmgr for SUSE Linux and other distributions does not properly handle when access to a USB device is granted by using "usb:<bus>,<dev>" notation, which grants access to all USB devices and allows local users to bypass intended restrictions. Note: this is a different vulnerability than CVE-2005-4788. | ||||||||||||
| CVSS v3 Severity: | 5.1 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
| ||||||||||||
| CVSS v2 Severity: | 3.6 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N)
| ||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||
| Vulnerability Consequences: | Bypass Security | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2006-2147 Source: SUSE Type: Patch SUSE-SR:2006:004 Source: CCN Type: SA19887 Resource Manager resmgrd USB Device Granting Security Issue Source: SECUNIA Type: UNKNOWN 19887 Source: SECUNIA Type: UNKNOWN 19898 Source: DEBIAN Type: Patch DSA-1047 Source: DEBIAN Type: DSA-1047 resmgr -- programming error Source: BID Type: UNKNOWN 17752 Source: CCN Type: BID-17752 ResMgr Unauthorized USB Device Access Vulnerability Source: VUPEN Type: UNKNOWN ADV-2006-1592 Source: XF Type: UNKNOWN resmgr-security-bypass(26160) Source: XF Type: UNKNOWN resmgr-security-bypass(26160) | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
| Oval Definitions | |||||||||||||
| |||||||||||||
| BACK | |||||||||||||