Lucene search
RedHatRHSA-2009:1619HistoryNov 30, 2009 - 12:00 a.m.
(RHSA-2009:1619) Moderate: dstat security update
2009-11-3000:00:00
access.redhat.com
13
0.001 Low
EPSS
Percentile
25.6%
Dstat is a versatile replacement for the vmstat, iostat, and netstat tools.
Dstat can be used for performance tuning tests, benchmarks, and
troubleshooting.
Robert Buchholz of the Gentoo Security Team reported a flaw in the Python
module search path used in dstat. If a local attacker could trick a
local user into running dstat from a directory containing a Python script
that is named like an importable module, they could execute arbitrary code
with the privileges of the user running dstat. (CVE-2009-3894)
All dstat users should upgrade to this updated package, which contains a
backported patch to correct this issue.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 5 | src | dstat | < 0.6.6-3.el5_4.1 | dstat-0.6.6-3.el5_4.1.src.rpm |
| RedHat | 5 | noarch | dstat | < 0.6.6-3.el5_4.1 | dstat-0.6.6-3.el5_4.1.noarch.rpm |
Related
openvas
openvas
Fedora Core 11 FEDORA-2009-12663 (dstat)
2009-12-10 00:00:00
Fedora Core 12 FEDORA-2009-12674 (dstat)
2009-12-10 00:00:00
CentOS Update for dstat CESA-2009:1619 centos5 i386
2011-08-09 00:00:00
nessus
nessus
Scientific Linux Security Update : dstat on SL5.x i386/x86_64
2012-08-01 00:00:00
GLSA-200911-04 : dstat: Untrusted search path
2009-11-30 00:00:00
RHEL 5 : dstat (RHSA-2009:1619)
2009-12-01 00:00:00
securityvulns
securityvulns
[resent] [ GLSA 200911-04 ] dstat: Untrusted search path
2009-11-26 00:00:00
dstat privilege escalation
2009-11-26 00:00:00
prion
prion
Design/Logic Flaw
2009-11-29 13:07:00
Design/Logic Flaw
2009-11-29 13:07:00
oraclelinux
oraclelinux
dstat security update
2009-11-30 00:00:00
gentoo
gentoo
dstat: Untrusted search path
2009-11-25 00:00:00
nvd
nvd
CVE-2009-3894
2009-11-29 13:07:52
CVE-2009-4081
2009-11-29 13:07:52
ubuntucve
ubuntucve
CVE-2009-3894
2009-11-29 00:00:00
CVE-2009-4081
2009-11-29 00:00:00
cve
cve
CVE-2009-3894
2009-11-29 13:07:52
CVE-2009-4081
2009-11-29 13:07:52
centos
centos
dstat security update
2009-12-17 12:39:29
fedora
fedora
[SECURITY] Fedora 11 Update: dstat-0.6.9-5.fc11
2009-12-04 23:50:44
[SECURITY] Fedora 12 Update: dstat-0.7.0-1.fc12
2009-12-04 23:55:01
debiancve
debiancve
CVE-2009-3894
2009-11-29 13:07:52
CVE-2009-4081
2009-11-29 13:07:52
cvelist
cvelist
CVE-2009-3894
2009-11-27 20:00:00
CVE-2009-4081
2009-11-27 20:00:00
seebug
seebug
Dstat sys.path搜索路径本地权限提升漏洞
2009-12-12 00:00:00