QwikSec

Security Database

CVE

CWE

Training

CVE-2011-0640

Published: Jan 25, 2011

Modified: Sep 16, 2024

PUBLISHED

Description

The default configuration of udev on Linux does not warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a smartphone that the user connected to the computer.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://news.cnet.com/8301-27080_3-20028919-245.html

x_refsource_MISC

http://www.blackhat.com/html/bh-dc-11/bh-dc-11-briefings.html#Stavrou

x_refsource_MISC

http://www.cs.gmu.edu/~astavrou/publications.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.