Vulnerability Name:

CVE-2005-1705 (CCN-20701)

Assigned:2005-05-20
Published:2005-05-20
Updated:2017-10-11
Summary:gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.
CVSS v3 Severity:9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Privileges
References:Source: CONFIRM
Type: UNKNOWN
http://bugs.gentoo.org/show_bug.cgi?id=88398

Source: MITRE
Type: CNA
CVE-2005-1705

Source: CCN
Type: RHSA-2005-709
gdb security update

Source: CCN
Type: RHSA-2005-801
gdb security update

Source: SECUNIA
Type: Patch, Vendor Advisory
17072

Source: SECUNIA
Type: UNKNOWN
17356

Source: CCN
Type: SA18506
Avaya gdb Integer Overflow and Insecure Initialisation File Handling

Source: SECUNIA
Type: UNKNOWN
18506

Source: GENTOO
Type: Vendor Advisory
GLSA-200505-15

Source: SECUNIA
Type: UNKNOWN
18506

Source: CCN
Type: ASA-2006-015
gdb security update (RHSA-2005-801)

Source: CCN
Type: GLSA-200505-15
gdb: Multiple vulnerabilities

Source: CCN
Type: GDB: The GNU Project Debugger Web page
GDB: The GNU Project Debugger

Source: MANDRAKE
Type: Patch, Vendor Advisory
MDKSA-2005:095

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2005:709

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2005:801

Source: CCN
Type: BID-13697
GDB Multiple Vulnerabilities

Source: CCN
Type: TLSA-2005-68
Two vulnerabilities discovered in gdb

Source: CCN
Type: USN-135-1
gdb vulnerabilities

Source: XF
Type: UNKNOWN
gdb-file-gain-privileges(20701)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11072

Vulnerable Configuration:Configuration 1:
  • cpe:/a:gnu:gdb:*:r2:*:*:*:*:*:* (Version <= 6.3)

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:gnu:gdb:-:*:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:*:*:home:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0::amd64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:11072
    V
    		gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.
    2013-04-29
    oval:com.redhat.rhsa:def:20050709
    P
    		RHSA-2005:709: gdb security update (Low)
    2005-10-05
    BACK
    gnu gdb * r2
    gnu gdb -
    gentoo linux *
    mandrakesoft mandrake linux corporate server 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    mandrakesoft mandrake linux 10.0
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat linux advanced workstation 2.1
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux corporate server 3.0
    turbolinux turbolinux home *
    mandrakesoft mandrake linux 10.0
    mandrakesoft mandrake linux corporate server 2.1