VULHUB ™

The at utility shipped with Sun Solaris may be prone to an issue which may allow unprivileged users to delete any file on the vulnerable system. This vulnerability is a consequence of the issue described in BID 6692 and also occurs when at is used with the -r commandline option. at is prone to a race condition vulnerability when verifying the ownership of an at job before deletion. This issue may result in the deletion of a file other than the expected at job. As the at binary is typically installed setuid root, this may allow an attacker to delete arbitrary system files.

The at utility shipped with Sun Solaris may be prone to an issue which may allow unprivileged users to delete any file on the vulnerable system. This vulnerability is a consequence of the issue described in BID 6692 and also occurs when at is used with the -r commandline option. at is prone to a race condition vulnerability when verifying the ownership of an at job before deletion. This issue may result in the deletion of a file other than the expected at job. As the at binary is typically installed setuid root, this may allow an attacker to delete arbitrary system files.