CVE-2011-4355
GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts.
| Software | From | Fixed in |
|---|---|---|
| gnu / gdb | 6.1 | 6.1.x |
| gnu / gdb | 6.1.1 | 6.1.1.x |
| gnu / gdb | 5.2.1 | 5.2.1.x |
| gnu / gdb | 6.3 | 6.3.x |
| gnu / gdb | 5.1.1 | 5.1.1.x |
| gnu / gdb | 6.7.1 | 6.7.1.x |
| gnu / gdb | 6.2 | 6.2.x |
| gnu / gdb | 5.2 | 5.2.x |
| gnu / gdb | 4.18 | 4.18.x |
| gnu / gdb | 5.1 | 5.1.x |
| gnu / gdb | 7.3.1 | 7.3.1.x |
| gnu / gdb | 5.0 | 5.0.x |
| gnu / gdb | 7.2 | 7.2.x |
| gnu / gdb | 5.0.92 | 5.0.92.x |
| gnu / gdb | 6.5 | 6.5.x |
| gnu / gdb | 6.4 | 6.4.x |
| gnu / gdb | 7.4 | 7.4.x |
| gnu / gdb | 7.0 | 7.0.x |
| gnu / gdb | 6.8 | 6.8.x |
| gnu / gdb | 7.3 | 7.3.x |
| gnu / gdb | 6.2.1 | 6.2.1.x |
| gnu / gdb | 6.6 | 6.6.x |
| gnu / gdb | 7.0.1 | 7.0.1.x |
| gnu / gdb | 7.1 | 7.1.x |
| gnu / gdb | 5.0.93 | 5.0.93.x |
| gnu / gdb | 6.7 | 6.7.x |
| gnu / gdb | 5.3 | 5.3.x |
| gnu / gdb | 6.0 | 6.0.x |
| gnu / gdb | - | 7.4.1.x |
- http://rhn.redhat.com/errata/RHSA-2013-0522.html
- http://sourceware.org/cgi-bin/cvsweb.cgi/~checkout~/src/gdb/NEWS?content-type=text/x-cvsweb-markup&cvsroot=src
- http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html
- http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html
- http://www.securitytracker.com/id/1028191
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime