CVE-2003-1073: Race Condition
First published: Wed Dec 31 2003(Updated: )
A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes place.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sun SunOS | =5.7 | |
| Sun SunOS | =5.5 | |
| Sun SunOS | =5.8 | |
| Sun Solaris | =9.0 | |
| Sun Solaris | =7.0 | |
| Sun Solaris | =9.0 | |
| Sun SunOS | =5.5.1 | |
| Sun Solaris | =2.6 | |
| Sun Solaris | =8.0 | |
| Sun SunOS |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-50161-1
- http://secunia.com/advisories/7960/
- http://www.securityfocus.com/archive/1/308577
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0044.html
- http://isec.pl/vulnerabilities/isec-0008-sun-at.txt
- http://www.ciac.org/ciac/bulletins/n-070.shtml
- http://www.securityfocus.com/bid/6692
- http://www.securityfocus.com/bid/6693
- http://www.securitytracker.com/id?1005994
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11180
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11179
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/sun
- canonical/sun sunos
- version/sun sunos/5.7
- version/sun sunos/5.5
- version/sun sunos/5.8
- canonical/sun solaris
- version/sun solaris/9.0
- version/sun solaris/7.0
- version/sun sunos/5.5.1
- version/sun solaris/2.6
- version/sun solaris/8.0