Computer Security
[EN] no-pyccku

FreeBSD weak permissions
SecurityVulns ID:14358
Threat Level:
Description:Weak ZFS and GELI key files permissions.
Affected:FREEBSD : FreeBSD 10.1
CVE:CVE-2015-1415 (The bsdinstall installer in FreeBSD 10.x before 10.1 p9, when configuring full disk encrypted ZFS, uses world-readable permissions for the GELI keyfile (/boot/encryption.key), which allows local users to obtain sensitive key information by reading the file.)
Original documentdocumentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-15:08.bsdinstall (08.04.2015)
 documentFREEBSD, FreeBSD 10.x ZFS encryption.key disclosure (CVE-2015-1415) (08.04.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod