Vulnerability Details : CVE-2005-1705
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.
Products affected by CVE-2005-1705
- cpe:2.3:a:gnu:gdb:*:r2:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-1705
- EPSS score: 0.06% (probability of exploitation activity in the next 30 days)
- Percentile: ~15% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2005-1705
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C | 3.9 | 10.0 | NIST | |
Vendor statements for CVE-2005-1705
- Red Hat (2007-03-14): Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
References for CVE-2005-1705
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:095
  Mandriva (Patch; Vendor Advisory)
- http://secunia.com/advisories/18506
  About Secunia Research | Flexera
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072
- http://www.redhat.com/support/errata/RHSA-2005-709.html
  Support (Patch; Vendor Advisory)
- http://secunia.com/advisories/17072
  About Secunia Research | Flexera (Patch; Vendor Advisory)
- http://bugs.gentoo.org/show_bug.cgi?id=88398
  88398 – sys-devel/gdb: default config, potential security problem?
- http://www.redhat.com/support/errata/RHSA-2005-801.html
  Support (Patch; Vendor Advisory)
- http://security.gentoo.org/glsa/glsa-200505-15.xml
  gdb: Multiple vulnerabilities (GLSA 200505-15) — Gentoo security (Vendor Advisory)
- http://secunia.com/advisories/17356
  About Secunia Research | Flexera
- http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm
  ASA-2006-015 (RHSA-2005-801)