← Back

CVE-2003-1073

nvd nist
Published: Dec 31, 2003Modified: Apr 16, 2026

JSON object

Loading...
1.2
Vector
AV:L/AC:H/Au:N/C:N/I:P/A:N
Exploitability: 1.9 / Impact: 2.9
Source: NVD

Description

A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes place.

Affected (10)

Products: Sun: Solaris, Sunos
Sun
2 products
Solaris
Sunos
Configuration A
10 vulnerable
Vulnerable SoftwareAffected Versions
Sun
Solaris
Version 2.6
Solaris
Version 7.0
Solaris
Version 8.0
Solaris
Version 9.0
Solaris
Version 9.0
Sun
Sunos
All versions
Sunos
Version 5.5.1
Sunos
Version 5.5
Sunos
Version 5.7
Sunos
Version 5.8

References (22)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.