Vulnerability Name: | CVE-2005-1705 (CCN-20701) | ||||||||||||
Assigned: | 2005-05-20 | ||||||||||||
Published: | 2005-05-20 | ||||||||||||
Updated: | 2017-10-11 | ||||||||||||
Summary: | gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb. | ||||||||||||
CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||||||
CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||||||
Vulnerability Type: | CWE-Other | ||||||||||||
Vulnerability Consequences: | Gain Privileges | ||||||||||||
References: | Source: CONFIRM Type: UNKNOWN http://bugs.gentoo.org/show_bug.cgi?id=88398 Source: MITRE Type: CNA CVE-2005-1705 Source: CCN Type: RHSA-2005-709 gdb security update Source: CCN Type: RHSA-2005-801 gdb security update Source: SECUNIA Type: Patch, Vendor Advisory 17072 Source: SECUNIA Type: UNKNOWN 17356 Source: CCN Type: SA18506 Avaya gdb Integer Overflow and Insecure Initialisation File Handling Source: SECUNIA Type: UNKNOWN 18506 Source: GENTOO Type: Vendor Advisory GLSA-200505-15 Source: SECUNIA Type: UNKNOWN 18506 Source: CCN Type: ASA-2006-015 gdb security update (RHSA-2005-801) Source: CCN Type: GLSA-200505-15 gdb: Multiple vulnerabilities Source: CCN Type: GDB: The GNU Project Debugger Web page GDB: The GNU Project Debugger Source: MANDRAKE Type: Patch, Vendor Advisory MDKSA-2005:095 Source: REDHAT Type: Patch, Vendor Advisory RHSA-2005:709 Source: REDHAT Type: Patch, Vendor Advisory RHSA-2005:801 Source: CCN Type: BID-13697 GDB Multiple Vulnerabilities Source: CCN Type: TLSA-2005-68 Two vulnerabilities discovered in gdb Source: CCN Type: USN-135-1 gdb vulnerabilities Source: XF Type: UNKNOWN gdb-file-gain-privileges(20701) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:11072 | ||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration RedHat 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||
Oval Definitions | |||||||||||||
| |||||||||||||
BACK |