Candidate: CVE-2009-3894
PublicDate: 2009-11-29 13:07:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3894
Description:
 Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow
 local users to gain privileges via a Trojan horse Python module in (1) the
 current working directory or (2) a certain subdirectory of the current
 working directory.
Ubuntu-Description:
Notes:
Bugs:
 https://bugzilla.redhat.com/show_bug.cgi?id=538459
 http://bugs.gentoo.org/show_bug.cgi?id=293497
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=557989
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_dstat:
upstream_dstat: released (0.7.0)
dapper_dstat: ignored (reached end-of-life)
hardy_dstat: ignored (reached end-of-life)
intrepid_dstat: needs-triage (reached end-of-life)
jaunty_dstat: ignored (reached end-of-life)
karmic_dstat: ignored (reached end-of-life)
lucid_dstat: not-affected (0.7.0-1)
maverick_dstat: not-affected (0.7.0-1)
natty_dstat: not-affected (0.7.0-1)
oneiric_dstat: not-affected (0.7.0-1)
devel_dstat: not-affected (0.7.0-1)