CVE-2005-1399
FreeBSD 4.6-4.11 and 5.x-5.4 - Unprotected Device Data Exposure via /dev/iir Insecure Permissions
Title source: llmDescription
FreeBSD 4.6 to 4.11 and 5.x to 5.4 uses insecure default permissions for the /dev/iir device, which allows local users to execute restricted ioctl calls to read or modify data on hardware that is controlled by the iir driver.
References (1)
Core 1
Core References
Patch, Vendor Advisory vendor-advisory
x_refsource_freebsd
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:06.iir.asc
Scores
EPSS
0.0005
EPSS Percentile
14.3%
Details
Status
published
Products (10)
freebsd/freebsd
4.6
freebsd/freebsd
4.7
freebsd/freebsd
4.8
freebsd/freebsd
4.9
freebsd/freebsd
4.10
freebsd/freebsd
4.11
freebsd/freebsd
5.1
freebsd/freebsd
5.2
freebsd/freebsd
5.3
freebsd/freebsd
5.4
Published
May 06, 2005
Tracked Since
Feb 18, 2026