Vulnerabilities > CVE-2003-1073 - Unspecified vulnerability in SUN Solaris and Sunos

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

sun

exploit available

NVD

Published: 2003-12-31

Updated: 2024-11-20

Summary

A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes place.

Vulnerable Configurations

Part	Description	Count
OS	Sun SUN Sunos 5.7 SUN Sunos 5.5 SUN Sunos 5.8 SUN Sunos 5.5.1 SUN Sunos - SUN Solaris 9.0 SUN Solaris 7.0 SUN Solaris 2.6 SUN Solaris 8.0	10

Exploit-Db

description	Sun Solaris 2.5/2.6/7.0/8/9 AT Command Arbitrary File Deletion Vulnerability. CVE-2003-1073. Local exploit for solaris platform
id	EDB-ID:22203
last seen	2016-02-02
modified	2003-01-27
published	2003-01-27
reporter	Wojciech Purczynski
source	https://www.exploit-db.com/download/22203/
title	Sun Solaris 2.5/2.6/7.0/8/9 AT Command Arbitrary File Deletion Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References