Lucene search

K

Veracode Vulnerability DatabaseVERACODE:11154

HistoryJan 15, 2019 - 8:57 a.m.

Privilege Escalation

2019-01-1508:57:44

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

14

EPSS

0

Percentile

5.1%

gdb is vulnerable to privilege escalation attacks. The vulnerability exists as GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts.

References

rhn.redhat.com/errata/RHSA-2013-0522.html

sourceware.org/cgi-bin/cvsweb.cgi/~checkout~/src/gdb/NEWS?content-type=text/x-cvsweb-markup&cvsroot=src

sourceware.org/gdb/current/onlinedocs/gdb/Auto_002dloading-safe-path.html#Auto_002dloading-safe-path

sourceware.org/gdb/current/onlinedocs/gdb/Auto_002dloading.html#Auto_002dloading

sourceware.org/ml/gdb-patches/2011-04/msg00559.html

sourceware.org/ml/gdb-patches/2011-05/msg00202.html

www.securitytracker.com/id/1028191

access.redhat.com/errata/RHSA-2013:0522

access.redhat.com/security/cve/CVE-2011-4355

access.redhat.com/security/updates/classification/#moderate

bugzilla.redhat.com/show_bug.cgi?id=703238

bugzilla.redhat.com/show_bug.cgi?id=811648

bugzilla.redhat.com/show_bug.cgi?id=836966

rhn.redhat.com/errata/RHSA-2013-0522.html

EPSS

0

Percentile

5.1%

Related for VERACODE:11154

nessus12 seebug1 centos1 debiancve1 amazon1 cve1 redhat2 fedora2 openvas10 oraclelinux1 prion1 ubuntucve1 nvd1 cvelist1 photon2