CVE-2005-2218

The device file system (devfs) in FreeBSD 5.x does not properly check parameters of the node type when creating a device node, which makes hidden devices available to attackers, who can then bypass restrictions on a jailed process.

Published: Jul 26, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-2218
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
freebsd / freebsd	5.2.1	5.2.1.x
freebsd / freebsd	5.4-releng	5.4-releng.x
freebsd / freebsd	5.3-release	5.3-release.x
freebsd / freebsd	5.1-releng	5.1-releng.x
freebsd / freebsd	5.4	5.4.x
freebsd / freebsd	5.3	5.3.x
freebsd / freebsd	5.1-release_p5	5.1-release_p5.x
freebsd / freebsd	5.2.1-releng	5.2.1-releng.x
freebsd / freebsd	5.0-release_p14	5.0-release_p14.x
freebsd / freebsd	5.1-release	5.1-release.x
freebsd / freebsd	5.0-releng	5.0-releng.x
freebsd / freebsd	5.1-alpha	5.1-alpha.x
freebsd / freebsd	5.1	5.1.x
freebsd / freebsd	5.2	5.2.x
freebsd / freebsd	5.4-pre-release	5.4-pre-release.x
freebsd / freebsd	5.4-release	5.4-release.x
freebsd / freebsd	5.0-alpha	5.0-alpha.x
freebsd / freebsd	5.2.1-release	5.2.1-release.x
freebsd / freebsd	5.0	5.0.x
freebsd / freebsd	5.3-stable	5.3-stable.x
freebsd / freebsd	5.3-releng	5.3-releng.x

Vulnerability Database

289,689

CVE-2005-2218