Description
The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Gutierrez · textlocalnetbsd_x86
https://www.exploit-db.com/exploits/19261
References (5)
Core 5
Core References
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/331
Patch, Vendor Advisory mailing-list
x_refsource_bugtraq
http://www.shmoo.com/mail/bugtraq/jul98/msg00064.html
Vendor Advisory vendor-advisory
x_refsource_netbsd
ftp://ftp.NetBSD.ORG/pub/NetBSD/security/advisories/NetBSD-SA1998-004.txt.asc
Third Party Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/7577.php
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=90233906612929&w=2
Scores
EPSS
0.0060
EPSS Percentile
69.5%
Details
Status
published
Products (11)
netbsd/netbsd
1.0
netbsd/netbsd
1.1
netbsd/netbsd
1.2
netbsd/netbsd
1.2.1
netbsd/netbsd
1.3
netbsd/netbsd
1.3.1
netbsd/netbsd
< 1.3.2
sgi/irix
6.2
sgi/irix
6.4
sgi/irix
6.5
... and 1 more
Published
Jul 03, 1998
Tracked Since
Feb 18, 2026