PT-2005-1229 · Apple · Macos X
Kevin Finisterre · Published 2005-01-29 · Updated 2018-08-13
CVE-2005-0125
CVSS v2.0: 7.2 (High)
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Mac OS X versions 10.3.7 and earlier
Description
The issue concerns the "at" commands, which do not properly drop privileges. This allows local users to delete arbitrary files, execute arbitrary programs, or read arbitrary files. Specifically, the atrm command can be used to delete files, while the batch command with the -f argument can be used to execute programs or read files by generating a readable job file.
Recommendations
For Mac OS X versions 10.3.7 and earlier, consider disabling the "at" commands until a patch is available. As a temporary workaround, restrict access to the atrm and batch commands to minimize the risk of exploitation. Avoid using the -f argument with the batch command until the issue is resolved.
Affected Products
Macos X