CVE-2005-1705 Information

Description

gdb before 6.3 searches the current working directory to load the .gdbinit configuration file which allows local users to execute arbitrary commands as the user running gdb.

Reference

http://bugs.gentoo.org/show_bug.cgi?id=88398 http://secunia.com/advisories/17072 http://secunia.com/advisories/17356 http://secunia.com/advisories/18506 http://security.gentoo.org/glsa/glsa-200505-15.xml http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm http://www.mandriva.com/security/advisories?name=MDKSA-2005:095 http://www.redhat.com/support/errata/RHSA-2005-709.html http://www.redhat.com/support/errata/RHSA-2005-801.html https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A11072