Vulnerabilities > CVE-2006-2147 - Unspecified vulnerability in Resmgr Resmgrd
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
resmgrd in resmgr for SUSE Linux and other distributions does not properly handle when access to a USB device is granted by using "usb:<bus>,<dev>" notation, which grants access to all USB devices and allows local users to bypass intended restrictions. NOTE: this is a different vulnerability than CVE-2005-4788.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family | Debian Local Security Checks |
NASL id | DEBIAN_DSA-1047.NASL |
description | A problem has been discovered in resmgr, a resource manager library daemon and PAM module, that allows local users to bypass access control rules and open any USB device when access to one device was granted. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 22589 |
published | 2006-10-14 |
reporter | This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/22589 |
title | Debian DSA-1047-1 : resmgr - programming error |
References
- http://lists.suse.com/archive/suse-security-announce/2006-Feb/0008.html
- http://secunia.com/advisories/19887
- http://secunia.com/advisories/19898
- http://www.debian.org/security/2006/dsa-1047
- http://www.securityfocus.com/bid/17752
- http://www.vupen.com/english/advisories/2006/1592
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26160