CVE-2005-1705
gdb < 6.3 - Local Arbitrary Command Execution via .gdbinit Loaded from the Current Working Directory
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.
References (10)
http://secunia.com/advisories/17072 (Patch, Vendor Advisory; third-party-advisory, x_refsource_secunia)
http://secunia.com/advisories/18506 (Third Party Advisory; third-party-advisory, x_refsource_secunia)
http://www.redhat.com/support/errata/RHSA-2005-709.html (Patch, Vendor Advisory; vendor-advisory, x_refsource_redhat)
http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm (Vendor Advisory; x_refsource_confirm)
http://www.redhat.com/support/errata/RHSA-2005-801.html (Patch, Vendor Advisory; vendor-advisory, x_refsource_redhat)
http://bugs.gentoo.org/show_bug.cgi?id=88398 (Issue Tracking; x_refsource_confirm)
http://security.gentoo.org/glsa/glsa-200505-15.xml (Vendor Advisory; vendor-advisory, x_refsource_gentoo)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072 (Third Party Advisory, VDB Entry; vdb-entry, signature, x_refsource_oval)
http://www.mandriva.com/security/advisories?name=MDKSA-2005:095 (Patch, Vendor Advisory; vendor-advisory, x_refsource_mandrake)
http://secunia.com/advisories/17356 (Third Party Advisory; third-party-advisory, x_refsource_secunia)
Scores
EPSS: 0.0006
EPSS Percentile: 17.8%
Details
Status: published
Products (1): gnu/gdb < 6.3
Published: May 24, 2005
Tracked Since: Feb 18, 2026