CVE-2009-3894

EUVD-2009-3865
Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in (1) the current working directory or (2) a certain subdirectory of the current working directory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.4 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 21%
Affected Products (NVD)
VendorProductVersion
dag.wieersdstat
𝑥
≤ 0.6.9
dag.wieersdstat
0.1
dag.wieersdstat
0.2
dag.wieersdstat
0.3
dag.wieersdstat
0.4
dag.wieersdstat
0.5
dag.wieersdstat
0.5.2
dag.wieersdstat
0.5.3
dag.wieersdstat
0.5.4
dag.wieersdstat
0.5.5
dag.wieersdstat
0.5.6
dag.wieersdstat
0.5.7
dag.wieersdstat
0.5.8
dag.wieersdstat
0.5.9
dag.wieersdstat
0.5.10
dag.wieersdstat
0.6.0
dag.wieersdstat
0.6.1
dag.wieersdstat
0.6.2
dag.wieersdstat
0.6.3
dag.wieersdstat
0.6.4
dag.wieersdstat
0.6.5
dag.wieersdstat
0.6.6
dag.wieersdstat
0.6.7
dag.wieersdstat
0.6.8
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
dstat
bookworm
0.7.4-6.1
fixed
bullseye
0.7.4-6.1
fixed
etch
no-dsa
lenny
no-dsa
sid
0.7.4-6.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
dstat
dapper
ignored
hardy
ignored
intrepid
ignored
jaunty
ignored
karmic
ignored
lucid
not-affected
maverick
not-affected
natty
not-affected
oneiric
not-affected
References
http://bugs.gentoo.org/show_bug.cgi?id=293497
http://osvdb.org/60511
http://secunia.com/advisories/37445
http://secunia.com/advisories/37457
http://security.gentoo.org/glsa/glsa-200911-04.xml
http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog
http://www.mandriva.com/security/advisories?name=MDVSA-2009:341
http://www.redhat.com/support/errata/RHSA-2009-1619.html
http://www.securityfocus.com/bid/37131
https://bugzilla.redhat.com/show_bug.cgi?id=538459
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8969
http://bugs.gentoo.org/show_bug.cgi?id=293497
http://osvdb.org/60511
http://secunia.com/advisories/37445
http://secunia.com/advisories/37457
http://security.gentoo.org/glsa/glsa-200911-04.xml
http://svn.rpmforge.net/svn/trunk/tools/dstat/ChangeLog
http://www.mandriva.com/security/advisories?name=MDVSA-2009:341
http://www.redhat.com/support/errata/RHSA-2009-1619.html
http://www.securityfocus.com/bid/37131
https://bugzilla.redhat.com/show_bug.cgi?id=538459
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8969