1. CVE-Search
  2. CVE-2003-1073
ID CVE-2003-1073
Summary A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes place.
References
Vulnerable Configurations
  • cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*
    cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*
    cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*
    cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
    cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*
    cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
CVSS
Base: 1.2 (as of 30-10-2018 - 16:26)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL HIGH NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:L/AC:H/Au:N/C:N/I:P/A:N
refmap via4
bid
  • 6692
  • 6693
bugtraq 20030127 Sun Microsystems Solaris at -r job name handling and race condition vulnerabilities
ciac N-070
misc http://isec.pl/vulnerabilities/isec-0008-sun-at.txt
sectrack 1005994
secunia 7960
sunalert 50161
vulnwatch 20030127 Sun Microsystems Solaris at -r job name handling and race condition vulnerabilities
xf
  • solaris-at-directory-traversal(11179)
  • solaris-at-race-condition(11180)
Last major update 30-10-2018 - 16:26
Published 31-12-2003 - 05:00
Last modified 30-10-2018 - 16:26
Back to Top