Summary: | <sys-apps/dstat-0.6.9-r1 Untrusted Search Path (CVE-2009-{3894,4081}) | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Robert Buchholz (RETIRED) <rbu> | ||||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||||
Status: | RESOLVED FIXED | ||||||||
Severity: | normal | CC: | armin76, chainsaw, fauli, jer, keytoaster, maekke, swegener, tcunha | ||||||
Priority: | High | ||||||||
Version: | unspecified | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | B2 [glsa] | ||||||||
Package list: | Runtime testing required: | --- | |||||||
Attachments: |
|
Description
Robert Buchholz (RETIRED)
2009-11-17 12:37:52 UTC
Created attachment 210507 [details]
dstat-0.6.9-r1.ebuild
Created attachment 210509 [details, diff]
dstat-0.6.9-cwd.patch
Arch Security Liaisons, please test the attached ebuild and report it stable on this bug. Target keywords : "amd64 hppa sparc x86" CC'ing current Liaisons: amd64 : keytoaster, chainsaw hppa : jer sparc : armin76, tcunha x86 : fauli, maekke HPPA is OK. sparc ok x86 ok I have been running on amd64 with the patch for a while as well. so amd64 stable. 0.7.0 is released and contains the fix: http://dag.wieers.com/home-made/dstat/#download 0.6.9-r1 is committed. This bug is now public. GLSA 200911-04 A second CVE identifier has been assigned to the "same" vulnerability in old versions. So we get: CVE-2009-4081 : r???? <-> r3199 CVE-2009-3894 : r3464 <-> r8040 CVE-2009-3894 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3894): Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in (1) the current working directory or (2) a certain subdirectory of the current working directory. CVE-2009-4081 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4081): Untrusted search path vulnerability in dstat before r3199 allows local users to gain privileges via a Trojan horse Python module in the current working directory, a different vulnerability than CVE-2009-3894. |