Insecure Default Permissions for /dev/iir Device in FreeBSD

Insecure Default Permissions for /dev/iir Device in FreeBSD

CVE-2005-1399 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

FreeBSD 4.6 to 4.11 and 5.x to 5.4 uses insecure default permissions for the /dev/iir device, which allows local users to execute restricted ioctl calls to read or modify data on hardware that is controlled by the iir driver.

Learn more about our User Device Pen Test.