4 matches found
CVE-2015-1415
FreeBSD 10.x installations using the bsdinstall installer with full-disk encrypted ZFS store the GELI master key in /boot/encryption.key with permissions 0644, exposing the key to local users. Root cause: default keyfile permissions are too open (world-readable) instead of 0600. Impact: local att...
FreeBSD 10.x ZFS encryption.key disclosure (CVE-2015-1415)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Advisory Information Title: FreeBSD 10.x ZFS encryption.key disclosure CVE-2015-1415 Advisory URL: https://pierrekim.github.io/advisories/CVE-2015-1415.txt.asc Date published: 2015-04-07 Vendors contacted: FreeBSD Release mode: Coordinated release...
FreeBSD 10.x ZFS encryption.key Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Advisory Information Title: FreeBSD 10.x ZFS encryption.key disclosure CVE-2015-1415 Advisory URL: https://pierrekim.github.io/advisories/CVE-2015-1415.txt.asc Date published: 2015-04-07 Vendors contacted: FreeBSD Release mode: Coordinated release...
FreeBSD Security Advisory FreeBSD-SA-15:08.bsdinstall
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-15:08.bsdinstall Security Advisory The FreeBSD Project Topic: Insecure default GELI keyfile permissions Category: core Module: bsdinstall Announced: 2015-04-07...