Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Gentoo: GLSA-200911-04 Normal: Dstat Untrusted Path Code Execution

gentoo
Calendar Grey November 25, 2009
Dist Gentoo Esm H88
Gentoo Security Advisory GLSA 202311-05 highlights a vulnerability in the utility 'appname' which could lead to unauthorized memory access.
An untrusted search path vulnerability in the dstat might result in the execution of arbitrary code.

Summary

Gentoo Linux Security Advisory GLSA 200911-04 https://security.gentoo.org/ Severity: Normal Title: dstat: Untrusted search path Date: November 25, 2009 Bugs: #293497 ID: 200911-04

Synopsis ======= An untrusted search path vulnerability in the dstat might result in the execution of arbitrary code.
Background ========= dstat is a versatile system resource monitor written in Python.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 sys-apps/dstat < 0.6.9-r1 >= 0.6.9-r1
========== Robert Buchholz of the Gentoo Security Team reported that dstat includes the current working directory and subdirectories in the Python module search path (sys.path) before calling "imp...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo code execution normal untrusted path dstat

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo code execution normal untrusted path dstat

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here