Mandriva Linux Security Advisory 2010-077 – The Free Software Foundation (FSF) Berkeley DB NSS module (aka libnss-db) 2.2.3pre1 reads the DB_CONFIG file in the current working directory, which allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application that uses this module. The updated packages have been patched to correct this issue.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/88615/MDVSA-2010-077.txt
Source: https://packetstormsecurity.com/files/88615/Mandriva-Linux-Security-Advisory-2010-077.html