PT-2009-1061 · Dstat+1 · Dstat+1

Robert Buchholz

Published

2009-11-25

Updated

2025-03-12

CVE-2009-3894

CVSS v2.0

4.4

Medium

Vector

AV:L/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions dstat versions prior to 0.7.0

Description The issue allows local users to gain privileges via a Trojan horse Python module in the current working directory or a certain subdirectory of the current working directory. Exploitation of this issue can lead to a violation of confidentiality, integrity, and availability of protected information. The exploitation can be carried out locally.

Recommendations For versions prior to 0.7.0, update to version 0.7.0 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive directories and monitoring for suspicious activity. Avoid using the vulnerable software until the issue is resolved.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

BDU:2015-06740

BDU:2015-08567

BDU:2015-09411

CVE-2009-3894

OPENSUSE-SU-2024:10001-1

OPENSUSE-SU-2025:14878-1

RHSA-2009:1619

RHSA-2009_1619

Affected Products

Red Hat

Dstat

PT-2009-1061 · Dstat+1 · Dstat+1

CVE-2009-3894

Related Identifiers

Affected Products

References · 25