From $URL: The mono debugger scripts (mdb and mdb-symbolreader) misuse the LD_LIBRARY_PATH environment variable (empty case) which could allow loading shared libraries from the current directory. Upstream has released 2.8.1 which contains the fix for this issue.
This patch could probably be backported to mono-debugger-2.6: http://patch-tracker.debian.org/patch/series/view/mono-debugger/2.6.3-2.2/cve-2010-3369--bug598299
Fixed packages have been stabilized via 352808 and, for ppc only, 359651. GLSA Vote: yes.
Vote: YES. New GLSA request filed.
This issue was resolved and addressed in GLSA 201206-13 at http://security.gentoo.org/glsa/glsa-201206-13.xml by GLSA coordinator Tobias Heinlein (keytoaster).