gdb is vulnerable to privilege escalation attacks. The vulnerability exists as GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts.
rhn.redhat.com/errata/RHSA-2013-0522.html
sourceware.org/cgi-bin/cvsweb.cgi/~checkout~/src/gdb/NEWS?content-type=text/x-cvsweb-markup&cvsroot=src
sourceware.org/gdb/current/onlinedocs/gdb/Auto_002dloading-safe-path.html#Auto_002dloading-safe-path
sourceware.org/gdb/current/onlinedocs/gdb/Auto_002dloading.html#Auto_002dloading
sourceware.org/ml/gdb-patches/2011-04/msg00559.html
sourceware.org/ml/gdb-patches/2011-05/msg00202.html
www.securitytracker.com/id/1028191
access.redhat.com/errata/RHSA-2013:0522
access.redhat.com/security/cve/CVE-2011-4355
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=703238
bugzilla.redhat.com/show_bug.cgi?id=811648
bugzilla.redhat.com/show_bug.cgi?id=836966
rhn.redhat.com/errata/RHSA-2013-0522.html