Vulnerabilities

CVE-2015-1415

by Fred · 10/04/2015

The bsdinstall installer in FreeBSD 10.x before 10.1 p9, when configuring full disk encrypted ZFS, uses world-readable permissions for the GELI keyfile (/boot/encryption.key), which allows local users to obtain sensitive key information by reading the file.

Date published : 2015-04-10

http://www.securityfocus.com/archive/1/535209/100/0/threaded

https://www.freebsd.org/security/advisories/FreeBSD-SA-15:08.bsdinstall.asc

Similar

Tags: Cybersecurity Alert