Mandriva Linux Security Advisory 2009-341 - Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in (1) the current working directory or (2) a certain subdirectory of the current working directory. This update provides a solution to these vulnerabilities.
c7d601c0b385dee4f628e53dbf3b2c25c6d716ab9e0c2200166d63493ea4ea8f
Gentoo Linux Security Advisory 200911-4 - An untrusted search path vulnerability in the dstat might result in the execution of arbitrary code. Robert Buchholz of the Gentoo Security Team reported that dstat includes the current working directory and subdirectories in the Python module search path (sys.path) before calling import. Versions less than 0.6.9-r1 are affected.
e938140de8d2e41db34f469eef05c0b125eefa4d2d5055c81e52eb4571b1985e