World-readable permissions on GELI keyfile in FreeBSD 10.x before 10.1 p9
CVE-2015-1415 · LOW Severity
AV:L/AC:L/AU:N/C:P/I:N/A:N
The bsdinstall installer in FreeBSD 10.x before 10.1 p9, when configuring full disk encrypted ZFS, uses world-readable permissions for the GELI keyfile (/boot/encryption.key), which allows local users to obtain sensitive key information by reading the file.
Learn more about our User Device Pen Test.