Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-1999-1409


The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.


Published

1998-07-03T04:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 2.1 (LOW)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

  • Access Vector: LOCAL
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: NONE
  • Availability Impact: NONE
Exploitability Score

3.9

Impact Score

2.9

Weaknesses
  • Type: Primary
    NVD-CWE-Other

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System sgi irix 6.2 Yes
Operating System sgi irix 6.4 Yes
Operating System sgi irix 6.5 Yes
Operating System sgi irix 6.5.1 Yes
Operating System netbsd netbsd ≤ 1.3.2 Yes
Operating System netbsd netbsd 1.0 Yes
Operating System netbsd netbsd 1.1 Yes
Operating System netbsd netbsd 1.2 Yes
Operating System netbsd netbsd 1.2.1 Yes
Operating System netbsd netbsd 1.3 Yes
Operating System netbsd netbsd 1.3.1 Yes

References