### [CVE-2003-1073](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1073)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes place.

### POC

#### Reference
- http://isec.pl/vulnerabilities/isec-0008-sun-at.txt

#### Github
No PoCs found on GitHub currently.