Lucene search
K

46 matches found

Cvelist
Cvelist
added 2009/11/27 8:0 p.m.23 views

CVE-2009-4081

Untrusted search path vulnerability in dstat before r3199 allows local users to gain privileges via a Trojan horse Python module in the current working directory, a different vulnerability than CVE-2009-3894...

6AI score0.00283EPSS
Exploits1References2
CVE
CVE
added 2009/11/27 8:0 p.m.74 views

CVE-2009-3894

CVE-2009-3894 affects dstat prior to 0.7.0, involving an untrusted Python module search path that could allow a local attacker to execute code with the caller’s privileges via a Trojan horse module in the current directory or a subdirectory. Public advisories (RHSA-2009-1619/ELSA-2009-1619 and re...

4.4CVSS6.3AI score0.0034EPSS
Exploits1References11Affected Software1
Debian CVE
Debian CVE
added 2009/11/27 8:0 p.m.14 views

CVE-2009-3894

Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in 1 the current working directory or 2 a certain subdirectory of the current working directory...

4.4CVSS6.5AI score0.0034EPSS
Exploits1
Debian CVE
Debian CVE
added 2009/11/27 8:0 p.m.13 views

CVE-2009-4081

Untrusted search path vulnerability in dstat before r3199 allows local users to gain privileges via a Trojan horse Python module in the current working directory, a different vulnerability than CVE-2009-3894...

4.4CVSS6.1AI score0.00283EPSS
Exploits1
securityvulns
securityvulns
added 2009/11/26 12:0 a.m.77 views

[resent] [ GLSA 200911-04 ] dstat: Untrusted search path

Due to an oversight on my part, the original email has not been signed. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200911-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - -...

4.4CVSS6.2AI score0.0034EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2009/11/25 12:0 a.m.27 views

dstat: Untrusted search path

Background dstat is a versatile system resource monitor written in Python. Description Robert Buchholz of the Gentoo Security Team reported that dstat includes the current working directory and subdirectories in the Python module search path sys.path before calling "import". Impact A local attack...

4.4CVSS6.7AI score0.0034EPSS
Exploits1
Rows per page
Query Builder