Vulnerability Description
A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, and then modifying the directory structure after at checks permissions to delete the file but before the deletion actually takes place.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sun | Solaris | 2.6 |
| Sun | Sunos | - |
References
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0044.html
- http://isec.pl/vulnerabilities/isec-0008-sun-at.txt
- http://secunia.com/advisories/7960/ (Patch)
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-50161-1 (Vendor Advisory)
- http://www.ciac.org/ciac/bulletins/n-070.shtml
- http://www.securityfocus.com/archive/1/308577
- http://www.securityfocus.com/bid/6692
- http://www.securityfocus.com/bid/6693
- http://www.securitytracker.com/id?1005994
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11179
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11180
FAQ
What is CVE-2003-1073?
CVE-2003-1073 is a vulnerability with a CVSS score of 1.2 (LOW). A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory ...
How severe is CVE-2003-1073?
CVE-2003-1073 has been rated LOW with a CVSS base score of 1.2/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2003-1073?
Check the references section above for vendor advisories and patch information. Affected products include: Sun Solaris, Sun Sunos.