关于 CVE-2005-0125 的漏洞信息

1. 漏洞描述
From NVD
The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop privileges, which allows local users to (1) delete arbitrary files via atrm, (2) execute arbitrary programs via the -f argument to batch, or (3) read arbitrary files via the -f argument to batch, which generates a job file that is readable by the local user.
From 神龙GPT (AIGC)
在Mac OS X 10.3.7及其之前版本中,“at”命令未正确降低权限,这允许本地用户(1)通过atrm删除任意文件,(2)通过批处理命令的-f参数执行任意程序,或(3)通过批处理命令的-f参数读取任意文件,从而生成一个本地用户可以读取的job文件。
2. 漏洞评分(CVSS)
From NVD
NVD 暂无评分
From 神龙GPT (AIGC)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
3. 漏洞类别
From NVD
NVD 暂无漏洞类别信息
From 神龙GPT (AIGC)
神龙GPT 暂无漏洞类别信息(请耐心等待)
Reference