{ "id": "CVE-2011-4355", "sourceIdentifier": "secalert@redhat.com", "published": "2013-03-05T21:38:53.887", "lastModified": "2023-02-13T00:21:22.620", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts." }, { "lang": "es", "value": "GNU Project Debugger (GDB) anterior a v7.5, cuando se define .debug_gdb_scripts, carga autom\u00e1ticamente ciertos archivos en el directorio de trabajo actual, permitiendo a usuarios locales obtener privilegios a trav\u00e9s de ficheros elaborados, tales como scripts en Python." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "accessVector": "LOCAL", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 6.9 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 3.4, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-264" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:*:*:*:*:*:*:*:*", "versionEndIncluding": "7.4.1", "matchCriteriaId": "00292181-9124-4455-8D89-4DA98B18D55F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:4.18:*:*:*:*:*:*:*", "matchCriteriaId": "1DFDC526-7E5F-4A20-8E57-B66F1D38DE05" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "16D34C25-D05C-451C-88E2-24F81FCAC422" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:5.0.92:*:*:*:*:*:*:*", "matchCriteriaId": "E446F5DE-2CE0-4BCB-90E2-7784C1B7FF87" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:5.0.93:*:*:*:*:*:*:*", "matchCriteriaId": "5AA539B4-EECD-4ACA-A6A0-CC2F227327F3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFDA6059-74D7-42F8-9050-4FE799BC5493" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "7D1FF5DD-EA08-42BE-B15F-77471A789E41" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "79450E0C-9A5E-4B7B-A3C0-62EB53F88402" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "9B398336-87F4-4230-AECF-B171F1D35B55" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "0EC829F2-A2EA-4D9F-9C1C-CA601A6B913C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "476AE5E9-497C-487F-BF1B-D6A71E768E82" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "6EFF01B6-4DBE-4E1E-A3DD-761D255B6457" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:6.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "96463304-7618-4DC4-BC7F-20C8BB867115" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "D90AB7BE-2537-4E43-B156-BDCD637A7CFE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "0A3D4325-5DCA-4C46-974E-888028ABCC64" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "BECA9331-7A36-42A0-AEE9-E7C2E8180AA6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "B5C0145F-191A-483A-A3F0-6E6935F04B32" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "3AF78BF4-DAE9-4BA2-8146-0DAABEBFB9B1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "62785B32-8CEA-45D1-88B8-F43C55B9FE00" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:6.7:*:*:*:*:*:*:*", "matchCriteriaId": "63EB885C-5FAE-4F70-90EC-5851EEDADB24" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:6.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "B764BB01-D369-4380-AAF3-10CDD25CE28D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:6.8:*:*:*:*:*:*:*", "matchCriteriaId": "C56500AB-7F96-4708-8C17-11CDF97770D0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "46D9CAAB-5BFD-4E2B-88A0-3101E7A9696A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "8E9E8E80-C8E7-41B7-94B0-EE4D7926193B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "AB6DB5FA-DD3D-4C0D-BA11-EF7DF9E18702" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "3E10B8AA-22C9-48AC-89F6-A68ADB51F956" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "80C4BFA4-642F-48FB-8EA1-533C3A2F5322" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:7.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "DD613C2F-98F9-4C0D-98E8-B04E0437B248" }, { "vulnerable": true, "criteria": "cpe:2.3:a:gnu:gdb:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "FA3AB084-7C89-44CA-9B56-BA061430DF3E" } ] } ] } ], "references": [ { "url": "http://rhn.redhat.com/errata/RHSA-2013-0522.html", "source": "secalert@redhat.com" }, { "url": "http://sourceware.org/cgi-bin/cvsweb.cgi/~checkout~/src/gdb/NEWS?content-type=text/x-cvsweb-markup&cvsroot=src", "source": "secalert@redhat.com" }, { "url": "http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html", "source": "secalert@redhat.com" }, { "url": "http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html", "source": "secalert@redhat.com" }, { "url": "http://www.securitytracker.com/id/1028191", "source": "secalert@redhat.com" } ] }