{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2013-03-04T21:00:00.000Z"}, "references": [{"name": "RHSA-2013:0522", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0522.html"}, {"name": "[gdb-patches] 20110429 Re: [RFA] Add $pdir as entry for libthread-db-search-path.", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html"}, {"name": "[gdb-patches] 20110506 Re: [RFA] Add $pdir as entry for libthread-db-search-path.", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sourceware.org/cgi-bin/cvsweb.cgi/~checkout~/src/gdb/NEWS?content-type=text/x-cvsweb-markup&cvsroot=src"}, {"name": "1028191", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1028191"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:09:18.432Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2013:0522", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-0522.html"}, {"name": "[gdb-patches] 20110429 Re: [RFA] Add $pdir as entry for libthread-db-search-path.", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html"}, {"name": "[gdb-patches] 20110506 Re: [RFA] Add $pdir as entry for libthread-db-search-path.", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://sourceware.org/cgi-bin/cvsweb.cgi/~checkout~/src/gdb/NEWS?content-type=text/x-cvsweb-markup&cvsroot=src"}, {"name": "1028191", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1028191"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-4355", "state": "PUBLISHED", "dateReserved": "2011-11-04T00:00:00.000Z", "datePublished": "2013-03-04T21:00:00.000Z", "dateUpdated": "2024-08-07T00:09:18.432Z"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:gdb:*:*:*:*:*:*:*:*", "matchCriteriaId": "00292181-9124-4455-8D89-4DA98B18D55F", "versionEndIncluding": "7.4.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:4.18:*:*:*:*:*:*:*", "matchCriteriaId": "1DFDC526-7E5F-4A20-8E57-B66F1D38DE05", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "16D34C25-D05C-451C-88E2-24F81FCAC422", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:5.0.92:*:*:*:*:*:*:*", "matchCriteriaId": "E446F5DE-2CE0-4BCB-90E2-7784C1B7FF87", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:5.0.93:*:*:*:*:*:*:*", "matchCriteriaId": "5AA539B4-EECD-4ACA-A6A0-CC2F227327F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFDA6059-74D7-42F8-9050-4FE799BC5493", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "7D1FF5DD-EA08-42BE-B15F-77471A789E41", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "79450E0C-9A5E-4B7B-A3C0-62EB53F88402", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "9B398336-87F4-4230-AECF-B171F1D35B55", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "0EC829F2-A2EA-4D9F-9C1C-CA601A6B913C", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "476AE5E9-497C-487F-BF1B-D6A71E768E82", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "6EFF01B6-4DBE-4E1E-A3DD-761D255B6457", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:6.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "96463304-7618-4DC4-BC7F-20C8BB867115", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "D90AB7BE-2537-4E43-B156-BDCD637A7CFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "0A3D4325-5DCA-4C46-974E-888028ABCC64", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "BECA9331-7A36-42A0-AEE9-E7C2E8180AA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "B5C0145F-191A-483A-A3F0-6E6935F04B32", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "3AF78BF4-DAE9-4BA2-8146-0DAABEBFB9B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "62785B32-8CEA-45D1-88B8-F43C55B9FE00", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:6.7:*:*:*:*:*:*:*", "matchCriteriaId": "63EB885C-5FAE-4F70-90EC-5851EEDADB24", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:6.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "B764BB01-D369-4380-AAF3-10CDD25CE28D", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:6.8:*:*:*:*:*:*:*", "matchCriteriaId": "C56500AB-7F96-4708-8C17-11CDF97770D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "46D9CAAB-5BFD-4E2B-88A0-3101E7A9696A", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "8E9E8E80-C8E7-41B7-94B0-EE4D7926193B", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "AB6DB5FA-DD3D-4C0D-BA11-EF7DF9E18702", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "3E10B8AA-22C9-48AC-89F6-A68ADB51F956", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "80C4BFA4-642F-48FB-8EA1-533C3A2F5322", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:7.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "DD613C2F-98F9-4C0D-98E8-B04E0437B248", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gdb:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "FA3AB084-7C89-44CA-9B56-BA061430DF3E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts."}, {"lang": "es", "value": "GNU Project Debugger (GDB) anterior a v7.5, cuando se define .debug_gdb_scripts, carga autom\u00e1ticamente ciertos archivos en el directorio de trabajo actual, permitiendo a usuarios locales obtener privilegios a trav\u00e9s de ficheros elaborados, tales como scripts en Python."}], "id": "CVE-2011-4355", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-03-05T21:38:53.887", "references": [{"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2013-0522.html"}, {"source": "secalert@redhat.com", "url": "http://sourceware.org/cgi-bin/cvsweb.cgi/~checkout~/src/gdb/NEWS?content-type=text/x-cvsweb-markup&cvsroot=src"}, {"source": "secalert@redhat.com", "url": "http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html"}, {"source": "secalert@redhat.com", "url": "http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id/1028191"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2013-0522.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sourceware.org/cgi-bin/cvsweb.cgi/~checkout~/src/gdb/NEWS?content-type=text/x-cvsweb-markup&cvsroot=src"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1028191"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2013:0522", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "gdb-0:7.2-60.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2013-02-20T00:00:00Z"}], "bugzilla": {"description": "gdb: object file .debug_gdb_scripts section improper input validation", "id": "703238", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=703238"}, "csaw": false, "cvss": {"cvss_base_score": "3.7", "cvss_scoring_vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P", "status": "verified"}, "cwe": "CWE-20", "details": ["GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts."], "name": "CVE-2011-4355", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Will not fix", "package_name": "gdb", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "gdb", "product_name": "Red Hat Enterprise Linux 5"}], "public_date": "2011-04-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-4355\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-4355"], "threat_severity": "Moderate"}

{}