Improper Permissions in udev Allows Local Users to Obtain Sensitive Data

Improper Permissions in udev Allows Local Users to Obtain Sensitive Data

CVE-2005-3631 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

udev does not properly set permissions on certain files in /dev/input, which allows local users to obtain sensitive data that is entered at the console, such as user passwords.

Learn more about our User Device Pen Test.