Sun Solaris 2.5/2.6/7.0/8/9 AT Command Arbitrary File Deletion Vulnerability

2003-01-27T00:00:00
ID EDB-ID:22203
Type exploitdb
Reporter Wojciech Purczynski
Modified 2003-01-27T00:00:00

Description

Sun Solaris 2.5/2.6/7.0/8/9 AT Command Arbitrary File Deletion Vulnerability. CVE-2003-1073. Local exploit for the Solaris platform.

source: http://www.securityfocus.com/bid/6692//info

The at utility shipped with Sun Solaris may be prone to an issue that may allow attackers to delete arbitrary files on the system.

The vulnerability occurs when using at with the '-r' option, which removes previously scheduled at jobs. It exists because at does not properly sanitize the parameters passed to the '-r' command-line option.

A local attacker can cause at to delete arbitrary files on the system.

/usr/bin/at -r ../../../../tmp/foo
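
The missing check, as an added example that is not from the original advisory or from Sun's source: a C sketch contrasting unchecked joining of the -r argument with a validator that accepts only a single file-name component. The spool directory /var/spool/cron/atjobs, the sample job name 1043625600.a, the job-name format and all function names are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Assumed spool directory for this sketch; the advisory does not name it. */
#define SPOOL_DIR "/var/spool/cron/atjobs"

/* Unchecked pattern: the job argument is joined to the spool directory
 * as-is, so "../" components in it point outside the spool. */
int build_job_path_naive(const char *job, char *out, size_t outlen)
{
    int n = snprintf(out, outlen, "%s/%s", SPOOL_DIR, job);
    return (n > 0 && (size_t)n < outlen) ? 0 : -1;
}

/* Returns 1 only if job is a single file-name component made of
 * letters, digits and dots (hypothetical job-name format). */
int job_name_is_safe(const char *job)
{
    size_t i, len;

    if (job == NULL)
        return 0;
    len = strlen(job);
    if (len == 0 || len > 64)
        return 0;
    if (strcmp(job, ".") == 0 || strcmp(job, "..") == 0)
        return 0;
    for (i = 0; i < len; i++)   /* '/' is not in the allowlist */
        if (!isalnum((unsigned char)job[i]) && job[i] != '.')
            return 0;
    return 1;
}

/* Checked pattern: validate first, build the path only for safe names. */
int build_job_path_checked(const char *job, char *out, size_t outlen)
{
    if (!job_name_is_safe(job))
        return -1;
    return build_job_path_naive(job, out, outlen);
}

int main(void)
{
    char path[256];
    /* First entry is a constructed job id; second is the argument from the advisory. */
    const char *args[] = { "1043625600.a", "../../../../tmp/foo" };
    for (int i = 0; i < 2; i++)
        printf("%-22s -> %s\n", args[i],
               build_job_path_checked(args[i], path, sizeof path) == 0 ? path : "rejected");
    return 0;
}
```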