Vulnonym.org

CVE-1999-1409 - Extrusible Diagrams

Description

The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument which generates error messages that at sends to the user via e-mail.

Reference

http://www.shmoo.com/mail/bugtraq/jul98/msg00064.html http://www.securityfocus.com/bid/331 ftp://ftp.NetBSD.ORG/pub/NetBSD/security/advisories/NetBSD-SA1998-004.txt.asc http://www.iss.net/security_center/static/7577.php http://marc.info/?l=bugtraq&m=90233906612929&w=2