Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in (1) the current working directory or (2) a certain subdirectory of the current working directory.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Dstat | Dag.wieers | * | 0.6.9 (including) |
| Dstat | Dag.wieers | 0.1 (including) | 0.1 (including) |
| Dstat | Dag.wieers | 0.2 (including) | 0.2 (including) |
| Dstat | Dag.wieers | 0.3 (including) | 0.3 (including) |
| Dstat | Dag.wieers | 0.4 (including) | 0.4 (including) |
| Dstat | Dag.wieers | 0.5 (including) | 0.5 (including) |
| Dstat | Dag.wieers | 0.5.2 (including) | 0.5.2 (including) |
| Dstat | Dag.wieers | 0.5.3 (including) | 0.5.3 (including) |
| Dstat | Dag.wieers | 0.5.4 (including) | 0.5.4 (including) |
| Dstat | Dag.wieers | 0.5.5 (including) | 0.5.5 (including) |
| Dstat | Dag.wieers | 0.5.6 (including) | 0.5.6 (including) |
| Dstat | Dag.wieers | 0.5.7 (including) | 0.5.7 (including) |
| Dstat | Dag.wieers | 0.5.8 (including) | 0.5.8 (including) |
| Dstat | Dag.wieers | 0.5.9 (including) | 0.5.9 (including) |
| Dstat | Dag.wieers | 0.5.10 (including) | 0.5.10 (including) |
| Dstat | Dag.wieers | 0.6.0 (including) | 0.6.0 (including) |
| Dstat | Dag.wieers | 0.6.1 (including) | 0.6.1 (including) |
| Dstat | Dag.wieers | 0.6.2 (including) | 0.6.2 (including) |
| Dstat | Dag.wieers | 0.6.3 (including) | 0.6.3 (including) |
| Dstat | Dag.wieers | 0.6.4 (including) | 0.6.4 (including) |
| Dstat | Dag.wieers | 0.6.5 (including) | 0.6.5 (including) |
| Dstat | Dag.wieers | 0.6.6 (including) | 0.6.6 (including) |
| Dstat | Dag.wieers | 0.6.7 (including) | 0.6.7 (including) |
| Dstat | Dag.wieers | 0.6.8 (including) | 0.6.8 (including) |
| Red Hat Enterprise Linux 5 | RedHat | dstat-0:0.6.6-3.el5_4.1 | * |
| Dstat | Ubuntu | dapper | * |
| Dstat | Ubuntu | hardy | * |
| Dstat | Ubuntu | intrepid | * |
| Dstat | Ubuntu | jaunty | * |
| Dstat | Ubuntu | karmic | * |
| Dstat | Ubuntu | upstream | * |