CVE-2005-1399

Name of the Vulnerable Software and Affected Versions: FreeBSD versions 4.6 through 4.11 FreeBSD versions 5.x through 5.4

Description: The issue concerns insecure default permissions for the /dev/iir device, allowing local users to execute restricted ioctl calls. This can lead to unauthorized reading or modification of data on hardware controlled by the iir driver.

Recommendations: For FreeBSD versions 4.6 through 4.11, consider changing the default permissions of the /dev/iir device to restrict access. For FreeBSD versions 5.x through 5.4, consider changing the default permissions of the /dev/iir device to restrict access. As a temporary workaround, consider restricting access to the /dev/iir device until a proper fix is applied.