Exploitation Summary
EIP tracks 1 public exploit for CVE-1999-1409. PoCs published by Gutierrez.
AI-analyzed exploit summary The exploit describes a vulnerability in NetBSD and IRIX where the `at` command incorrectly sets UID to 0 before opening files, allowing unauthorized file reads. The provided command demonstrates reading `/etc/shadow` via email.
Description
The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.
Exploits (1)
The exploit describes a vulnerability in NetBSD and IRIX where the `at` command incorrectly sets UID to 0 before opening files, allowing unauthorized file reads. The provided command demonstrates reading `/etc/shadow` via email.