CVE-1999-1409 Information

Description

The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument which generates error messages that at sends to the user via e-mail.

Reference

ftp://ftp.NetBSD.ORG/pub/NetBSD/security/advisories/NetBSD-SA1998-004.txt.asc http://marc.info/?l=bugtraq&m=90233906612929&w=2 http://www.iss.net/security_center/static/7577.php http://www.securityfocus.com/bid/331 http://www.shmoo.com/mail/bugtraq/jul98/msg00064.html