Unrated severityNVD Advisory· Published May 6, 2005· Updated Apr 16, 2026

CVE-2005-1399

Description

FreeBSD 4.6 to 4.11 and 5.x to 5.4 uses insecure default permissions for the /dev/iir device, which allows local users to execute restricted ioctl calls to read or modify data on hardware that is controlled by the iir driver.

Affected products

FreeBSD/FreeBSD11 versions
cpe:2.3:o:freebsd:freebsd:4.10:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:o:freebsd:freebsd:4.10:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.11:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:5.4:*:*:*:*:*:*:*
- (no CPE)range: 4.6-4.11, 5.0-5.4

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:06.iir.ascnvdPatchVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000