Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-3001

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2014-3001
Last Modified 05 May 2014 10:54:10
Published 02 May 2014 10:55:07
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-3001

Summary

The device file system (aka devfs) in FreeBSD 10.0 before p2 does not load default rulesets when booting, which allows context-dependent attackers to bypass intended restrictions by leveraging a jailed device node process.

Vulnerable Systems

Operating System

  • Freebsd 10.0


References

SECTRACK - 1030171

BID - 67158

FREEBSD - FreeBSD-SA-14:07


Last Updated: 27 May 2016 11:03:24