CVE-2009-3894

Related Files

Mandriva Linux Security Advisory 2009-341

Posted Dec 30, 2009

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-341 - Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in (1) the current working directory or (2) a certain subdirectory of the current working directory. This update provides a solution to these vulnerabilities.

tags | advisory, local, trojan, vulnerability, python

systems | linux, mandriva

advisories | CVE-2009-3894, CVE-2009-4081

SHA-256 | c7d601c0b385dee4f628e53dbf3b2c25c6d716ab9e0c2200166d63493ea4ea8f

Download | Favorite | View

Gentoo Linux Security Advisory 200911-4

Posted Nov 25, 2009

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 200911-4 - An untrusted search path vulnerability in the dstat might result in the execution of arbitrary code. Robert Buchholz of the Gentoo Security Team reported that dstat includes the current working directory and subdirectories in the Python module search path (sys.path) before calling import. Versions less than 0.6.9-r1 are affected.

tags | advisory, arbitrary, python

systems | linux, gentoo

advisories | CVE-2009-3894

SHA-256 | e938140de8d2e41db34f469eef05c0b125eefa4d2d5055c81e52eb4571b1985e

Download | Favorite | View