CVE Catalog

CVE-1999-1409

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Elevated risk
0.95%

57th percentile — higher than 57% of all known CVEs

Summary

The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.

Risk Assessment

This vulnerability allows local users to access sensitive information from other files, potentially leading to privacy breaches and data security issues within the organization.

Recommendation

It is recommended to update systems to the latest versions that mitigate this vulnerability and to restrict access to the at program only to trusted users.

Original NVD description (English source)

The at program in IRIX 6.2 and NetBSD 1.3.2 and earlier allows local users to read portions of arbitrary files by submitting the file to at with the -f argument, which generates error messages that at sends to the user via e-mail.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS