Security Advisory

CVE-2003-1073

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2005-02-08 05:00:00

Last updated 2024-08-08 02:12:36

Assigner mitre

State PUBLISHED

Description

A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes place.

← Browse all CVEs View on cve.org ↗