CVE-2009-0854 Information

Description

Untrusted search path vulnerability in dash 0.5.4 when used as a login shell allows local users to execute arbitrary code via a Trojan horse .profile file in the current working directory.

Reference

http://secunia.com/advisories/34205 http://www.securityfocus.com/bid/34092 http://www.ubuntu.com/usn/USN-732-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/49216