Arbitrary Command Execution via .gdbinit Configuration File in GDB

Arbitrary Command Execution via .gdbinit Configuration File in GDB

CVE-2005-1705 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.

Learn more about our User Device Pen Test.