CVE-2009-0854

EPSS 0.14% · P34 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2009-0854

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Untrusted search path vulnerability in dash 0.5.4, when used as a login shell, allows local users to execute arbitrary code via a Trojan horse .profile file in the current working directory.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

DASH '.profile' 本地特权升级漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

DASH是一种符合POSIX标准的shell语言，俗称D shell。 dash 0.5.4版本中存在不可靠搜索路径漏洞,当被用作一个登陆外壳时,本地用户可以借助当前工作目录中的一个特洛伊木马剖面文件，执行任意代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2009-0854

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2009-0854

请登录查看更多情报信息。

http://www.securityfocus.com/bid/34092vdb-entryx_refsource_BID
http://secunia.com/advisories/34205third-party-advisoryx_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-732-1vendor-advisoryx_refsource_UBUNTU
https://exchange.xforce.ibmcloud.com/vulnerabilities/49216vdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2009-0854

Same Patch Batch · n/a · 2009-03-11 · 13 CVEs total

CVE-2008-4563		IBM Tivoli存储管理器远程堆溢出漏洞
CVE-2009-0093		Microsoft Windows DNS/WINS服务器自动更新欺骗漏洞
CVE-2009-0094		Microsoft Windows DNS/WINS服务器多个欺骗漏洞
CVE-2009-0233		Microsoft Windows DNS/WINS服务器自动更新和缓存投毒漏洞
CVE-2009-0234		Microsoft Windows DNS/WINS服务器缓存投毒漏洞
CVE-2009-0660		Mahara profile和blog 跨站脚本攻击漏洞
CVE-2009-0712		HP Systems Insight Manager WMI Mapper未授权访问漏洞
CVE-2009-0713		HP Systems Insight Manager WMI Mapper敏感信息泄露漏洞
CVE-2009-0848		openSUSE Linux gtk2 Package Search Path 远程指令执行漏洞
CVE-2009-0871		Digium Asterisk拒绝服务漏洞
CVE-2009-0872		Sun Solaris NFS服务程序安全模式非授权访问漏洞
CVE-2009-0873		Sun Solaris NFS守护程序绕过安全限制漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2009-0854

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2009-0854

I. Basic Information for CVE-2009-0854

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2009-0854

III. Intelligence Information for CVE-2009-0854

Same Patch Batch · n/a · 2009-03-11 · 13 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2009-0854

Leave a comment