Vulnerability Details : CVE-2009-4081
Untrusted search path vulnerability in dstat before r3199 allows local users to gain privileges via a Trojan horse Python module in the current working directory, a different vulnerability than CVE-2009-3894.
Products affected by CVE-2009-4081
- cpe:2.3:a:dag.wieers:dstat:*:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.6.8:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.6.7:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.5.10:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.6.6:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.5.9:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:dag.wieers:dstat:0.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-4081
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-4081
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.4
|
MEDIUM | AV:L/AC:M/Au:N/C:P/I:P/A:P |
3.4
|
6.4
|
NIST |
References for CVE-2009-4081
-
http://bugs.gentoo.org/show_bug.cgi?id=293497
293497 – (CVE-2009-3894) <sys-apps/dstat-0.6.9-r1 Untrusted Search Path (CVE-2009-{3894,4081})Patch
-
http://www.mandriva.com/security/advisories?name=MDVSA-2009:341
Mandriva
Jump to