Local Command Execution Vulnerability in GNU Debugger by Red Hat
CVE-2005-1705

Currently unrated

Key Information:

Vendor: Gnu
Status: Gdb
Vendor: CVE Published:; 24 May 2005

What is CVE-2005-1705?

The GNU Debugger (gdb) prior to version 6.3 permits local users to load configurations from the current working directory, specifically the .gdbinit file. This behavior can be exploited by a malicious local user to run arbitrary commands in the context of the user who is executing gdb. This vulnerability poses a significant security risk, as it enables unauthorized command execution without elevated privileges.

References

http://secunia.com/advisories/17072

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/18506

third-party-advisoryx_refsource_SECUNIA

http://www.redhat.com/support/errata/RHSA-2005-709.html

vendor-advisoryx_refsource_REDHAT

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 24, 2005
Vulnerability Reserved
May 24, 2005

Gnu

What is CVE-2005-1705?

References

Timeline