Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2005-1705 (GCVE-0-2005-1705)
Vulnerability from cvelistv5 – Published: 2005-05-24 04:00 – Updated: 2024-08-07 21:59
VLAI
EPSS
Summary
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/17072 | third-party-advisoryx_refsource_SECUNIA |
| http://secunia.com/advisories/18506 | third-party-advisoryx_refsource_SECUNIA |
| http://www.redhat.com/support/errata/RHSA-2005-709.html | vendor-advisoryx_refsource_REDHAT |
| http://support.avaya.com/elmodocs2/security/ASA-2… | x_refsource_CONFIRM |
| http://www.redhat.com/support/errata/RHSA-2005-801.html | vendor-advisoryx_refsource_REDHAT |
| http://bugs.gentoo.org/show_bug.cgi?id=88398 | x_refsource_CONFIRM |
| http://security.gentoo.org/glsa/glsa-200505-15.xml | vendor-advisoryx_refsource_GENTOO |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
| http://secunia.com/advisories/17356 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2005-05-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:59:24.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "17072",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17072"
},
{
"name": "18506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18506"
},
{
"name": "RHSA-2005:709",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
},
{
"name": "RHSA-2005:801",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=88398"
},
{
"name": "GLSA-200505-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
},
{
"name": "oval:org.mitre.oval:def:11072",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072"
},
{
"name": "MDKSA-2005:095",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
},
{
"name": "17356",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17356"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-05-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "17072",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17072"
},
{
"name": "18506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18506"
},
{
"name": "RHSA-2005:709",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
},
{
"name": "RHSA-2005:801",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=88398"
},
{
"name": "GLSA-200505-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
},
{
"name": "oval:org.mitre.oval:def:11072",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072"
},
{
"name": "MDKSA-2005:095",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
},
{
"name": "17356",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17356"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1705",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17072",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17072"
},
{
"name": "18506",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18506"
},
{
"name": "RHSA-2005:709",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
},
{
"name": "RHSA-2005:801",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=88398",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=88398"
},
{
"name": "GLSA-200505-15",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
},
{
"name": "oval:org.mitre.oval:def:11072",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072"
},
{
"name": "MDKSA-2005:095",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
},
{
"name": "17356",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17356"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1705",
"datePublished": "2005-05-24T04:00:00.000Z",
"dateReserved": "2005-05-24T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:59:24.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2005-1705",
"date": "2026-05-29",
"epss": "0.00057",
"percentile": "0.18092"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:gdb:*:r2:*:*:*:*:*:*\", \"versionEndIncluding\": \"6.3\", \"matchCriteriaId\": \"54381A01-33D2-4B69-9E03-162E37081E06\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.\"}]",
"id": "CVE-2005-1705",
"lastModified": "2024-11-20T23:57:56.620",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2005-05-24T04:00:00.000",
"references": "[{\"url\": \"http://bugs.gentoo.org/show_bug.cgi?id=88398\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/17072\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/17356\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/18506\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200505-15.xml\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDKSA-2005:095\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2005-709.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2005-801.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://bugs.gentoo.org/show_bug.cgi?id=88398\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/17072\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/17356\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/18506\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://security.gentoo.org/glsa/glsa-200505-15.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDKSA-2005:095\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2005-709.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2005-801.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vendorComments": "[{\"organization\": \"Red Hat\", \"comment\": \"Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.\", \"lastModified\": \"2007-03-14T00:00:00\"}]",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2005-1705\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2005-05-24T04:00:00.000\",\"lastModified\":\"2026-04-16T00:27:16.627\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:gdb:*:r2:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.3\",\"matchCriteriaId\":\"54381A01-33D2-4B69-9E03-162E37081E06\"}]}]}],\"references\":[{\"url\":\"http://bugs.gentoo.org/show_bug.cgi?id=88398\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/17072\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/17356\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/18506\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200505-15.xml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2005:095\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2005-709.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2005-801.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://bugs.gentoo.org/show_bug.cgi?id=88398\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/17072\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/17356\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/18506\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200505-15.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2005:095\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2005-709.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2005-801.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.\",\"lastModified\":\"2007-03-14T00:00:00\"}]}}"
}
}
FKIE_CVE-2005-1705
Vulnerability from fkie_nvd - Published: 2005-05-24 04:00 - Updated: 2026-04-16 00:27
Severity
Summary
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:gdb:*:r2:*:*:*:*:*:*",
"matchCriteriaId": "54381A01-33D2-4B69-9E03-162E37081E06",
"versionEndIncluding": "6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb."
}
],
"id": "CVE-2005-1705",
"lastModified": "2026-04-16T00:27:16.627",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-24T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=88398"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17072"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17356"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/18506"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=88398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17356"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-5JCM-WWPX-VPR3
Vulnerability from github – Published: 2022-05-01 02:01 – Updated: 2022-05-01 02:01
VLAI
Details
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.
{
"affected": [],
"aliases": [
"CVE-2005-1705"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2005-05-24T04:00:00Z",
"severity": "HIGH"
},
"details": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.",
"id": "GHSA-5jcm-wwpx-vpr3",
"modified": "2022-05-01T02:01:11Z",
"published": "2022-05-01T02:01:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-1705"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072"
},
{
"type": "WEB",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=88398"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/17072"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/17356"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/18506"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
},
{
"type": "WEB",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2005-1705
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2005-1705",
"description": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.",
"id": "GSD-2005-1705",
"references": [
"https://access.redhat.com/errata/RHSA-2005:801",
"https://access.redhat.com/errata/RHSA-2005:709",
"https://access.redhat.com/errata/RHBA-2005:675"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2005-1705"
],
"details": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.",
"id": "GSD-2005-1705",
"modified": "2023-12-13T01:20:12.002887Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1705",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17072",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17072"
},
{
"name": "18506",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18506"
},
{
"name": "RHSA-2005:709",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
},
{
"name": "RHSA-2005:801",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=88398",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=88398"
},
{
"name": "GLSA-200505-15",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
},
{
"name": "oval:org.mitre.oval:def:11072",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072"
},
{
"name": "MDKSA-2005:095",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
},
{
"name": "17356",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17356"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:gnu:gdb:*:r2:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.3",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1705"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=88398",
"refsource": "CONFIRM",
"tags": [],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=88398"
},
{
"name": "GLSA-200505-15",
"refsource": "GENTOO",
"tags": [
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
},
{
"name": "MDKSA-2005:095",
"refsource": "MANDRAKE",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
},
{
"name": "RHSA-2005:801",
"refsource": "REDHAT",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
},
{
"name": "RHSA-2005:709",
"refsource": "REDHAT",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
},
{
"name": "17072",
"refsource": "SECUNIA",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17072"
},
{
"name": "17356",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/17356"
},
{
"name": "18506",
"refsource": "SECUNIA",
"tags": [],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
},
{
"name": "18506",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/18506"
},
{
"name": "oval:org.mitre.oval:def:11072",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2017-10-11T01:30Z",
"publishedDate": "2005-05-24T04:00Z"
}
}
}
RHBA-2005:675
Vulnerability from csaf_redhat - Published: 2005-09-28 00:00 - Updated: 2026-01-13 22:17Summary
Red Hat Bug Fix Advisory: gdb bug fix update
Severity
Low
Notes
Topic: An updated gdb package that fixes various bugs is now available.
Details: GDB, the GNU debugger, allows debugging of programs written in C, C++,
and other languages, by executing them in a controlled fashion, and then
printing their data.
This updated package addresses the following issues:
- GDB on ia64 had previously implemented a bug fix to work-around a kernel
problem when creating a core file via gcore. The bug fix caused a
significant slow-down of gcore.
- GDB on Itanium issued an extraneous warning when gcore was used.
- GDB on Itanium could not successfully do an info frame for a signal
trampoline.
- GDB on AMD64 and Intel EM64T had problems attaching to a 32-bit process.
- GDB on AMD64 and Intel EM64T was not properly handling threaded watchpoints.
- GDB could not build with gcc4 when -Werror flag was set.
- GDB had problems printing inherited members of C++ classes.
- A few updates from mainline sources concerning Dwarf2 partial die in
cache support, follow-fork support, interrupted syscall support, and
DW_OP_piece read support.
All users of gdb should upgrade to these updated packages, which resolve
these issues.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Desktop version 3
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:3::desktop
|
— |
Vendor Fix
fix
|
|
Red Hat Enterprise Linux AS version 3
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:3::as
|
— |
Vendor Fix
fix
|
|
Red Hat Enterprise Linux ES version 3
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:3::es
|
— |
Vendor Fix
fix
|
|
Red Hat Enterprise Linux WS version 3
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:3::ws
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Desktop version 3
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:3::desktop
|
— |
Vendor Fix
fix
|
|
Red Hat Enterprise Linux AS version 3
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:3::as
|
— |
Vendor Fix
fix
|
|
Red Hat Enterprise Linux ES version 3
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:3::es
|
— |
Vendor Fix
fix
|
|
Red Hat Enterprise Linux WS version 3
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:3::ws
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated gdb package that fixes various bugs is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "GDB, the GNU debugger, allows debugging of programs written in C, C++,\nand other languages, by executing them in a controlled fashion, and then\nprinting their data.\n\nThis updated package addresses the following issues:\n\n- GDB on ia64 had previously implemented a bug fix to work-around a kernel\nproblem when creating a core file via gcore. The bug fix caused a\nsignificant slow-down of gcore.\n\n- GDB on Itanium issued an extraneous warning when gcore was used.\n\n- GDB on Itanium could not successfully do an info frame for a signal\ntrampoline.\n\n- GDB on AMD64 and Intel EM64T had problems attaching to a 32-bit process.\n\n- GDB on AMD64 and Intel EM64T was not properly handling threaded watchpoints.\n\n- GDB could not build with gcc4 when -Werror flag was set.\n\n- GDB had problems printing inherited members of C++ classes.\n\n- A few updates from mainline sources concerning Dwarf2 partial die in\ncache support, follow-fork support, interrupted syscall support, and\nDW_OP_piece read support.\n\nAll users of gdb should upgrade to these updated packages, which resolve\nthese issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2005:675",
"url": "https://access.redhat.com/errata/RHBA-2005:675"
},
{
"category": "external",
"summary": "137904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=137904"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2005/rhba-2005_675.json"
}
],
"title": "Red Hat Bug Fix Advisory: gdb bug fix update",
"tracking": {
"current_release_date": "2026-01-13T22:17:22+00:00",
"generator": {
"date": "2026-01-13T22:17:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHBA-2005:675",
"initial_release_date": "2005-09-28T00:00:00+00:00",
"revision_history": [
{
"date": "2005-09-28T00:00:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2005-09-28T00:00:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:17:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 3",
"product": {
"name": "Red Hat Enterprise Linux AS version 3",
"product_id": "Red Hat Enterprise Linux AS version 3",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 3",
"product": {
"name": "Red Hat Desktop version 3",
"product_id": "Red Hat Desktop version 3",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 3",
"product": {
"name": "Red Hat Enterprise Linux ES version 3",
"product_id": "Red Hat Enterprise Linux ES version 3",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 3",
"product": {
"name": "Red Hat Enterprise Linux WS version 3",
"product_id": "Red Hat Enterprise Linux WS version 3",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2005-1704",
"discovery_date": "2005-05-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617660"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"Red Hat Desktop version 3",
"Red Hat Enterprise Linux AS version 3",
"Red Hat Enterprise Linux ES version 3",
"Red Hat Enterprise Linux WS version 3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-1704"
},
{
"category": "external",
"summary": "RHBZ#1617660",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617660"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-1704",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-1704"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-1704",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-1704"
}
],
"release_date": "2005-05-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-09-28T00:00:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"Red Hat Desktop version 3",
"Red Hat Enterprise Linux AS version 3",
"Red Hat Enterprise Linux ES version 3",
"Red Hat Enterprise Linux WS version 3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2005:675"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2005-1705",
"discovery_date": "2005-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617661"
}
],
"notes": [
{
"category": "description",
"text": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"Red Hat Desktop version 3",
"Red Hat Enterprise Linux AS version 3",
"Red Hat Enterprise Linux ES version 3",
"Red Hat Enterprise Linux WS version 3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-1705"
},
{
"category": "external",
"summary": "RHBZ#1617661",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617661"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-1705"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-1705",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-1705"
}
],
"release_date": "2005-05-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-09-28T00:00:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"Red Hat Desktop version 3",
"Red Hat Enterprise Linux AS version 3",
"Red Hat Enterprise Linux ES version 3",
"Red Hat Enterprise Linux WS version 3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2005:675"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
}
]
}
RHBA-2005_675
Vulnerability from csaf_redhat - Published: 2005-09-28 00:00 - Updated: 2024-11-21 23:56Summary
Red Hat Bug Fix Advisory: gdb bug fix update
Severity
Low
Notes
Topic: An updated gdb package that fixes various bugs is now available.
Details: GDB, the GNU debugger, allows debugging of programs written in C, C++,
and other languages, by executing them in a controlled fashion, and then
printing their data.
This updated package addresses the following issues:
- GDB on ia64 had previously implemented a bug fix to work-around a kernel
problem when creating a core file via gcore. The bug fix caused a
significant slow-down of gcore.
- GDB on Itanium issued an extraneous warning when gcore was used.
- GDB on Itanium could not successfully do an info frame for a signal
trampoline.
- GDB on AMD64 and Intel EM64T had problems attaching to a 32-bit process.
- GDB on AMD64 and Intel EM64T was not properly handling threaded watchpoints.
- GDB could not build with gcc4 when -Werror flag was set.
- GDB had problems printing inherited members of C++ classes.
- A few updates from mainline sources concerning Dwarf2 partial die in
cache support, follow-fork support, interrupted syscall support, and
DW_OP_piece read support.
All users of gdb should upgrade to these updated packages, which resolve
these issues.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Desktop version 3
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:3::desktop
|
— |
Vendor Fix
fix
|
|
Red Hat Enterprise Linux AS version 3
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:3::as
|
— |
Vendor Fix
fix
|
|
Red Hat Enterprise Linux ES version 3
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:3::es
|
— |
Vendor Fix
fix
|
|
Red Hat Enterprise Linux WS version 3
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:3::ws
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Desktop version 3
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:3::desktop
|
— |
Vendor Fix
fix
|
|
Red Hat Enterprise Linux AS version 3
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:3::as
|
— |
Vendor Fix
fix
|
|
Red Hat Enterprise Linux ES version 3
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:3::es
|
— |
Vendor Fix
fix
|
|
Red Hat Enterprise Linux WS version 3
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:3::ws
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated gdb package that fixes various bugs is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "GDB, the GNU debugger, allows debugging of programs written in C, C++,\nand other languages, by executing them in a controlled fashion, and then\nprinting their data.\n\nThis updated package addresses the following issues:\n\n- GDB on ia64 had previously implemented a bug fix to work-around a kernel\nproblem when creating a core file via gcore. The bug fix caused a\nsignificant slow-down of gcore.\n\n- GDB on Itanium issued an extraneous warning when gcore was used.\n\n- GDB on Itanium could not successfully do an info frame for a signal\ntrampoline.\n\n- GDB on AMD64 and Intel EM64T had problems attaching to a 32-bit process.\n\n- GDB on AMD64 and Intel EM64T was not properly handling threaded watchpoints.\n\n- GDB could not build with gcc4 when -Werror flag was set.\n\n- GDB had problems printing inherited members of C++ classes.\n\n- A few updates from mainline sources concerning Dwarf2 partial die in\ncache support, follow-fork support, interrupted syscall support, and\nDW_OP_piece read support.\n\nAll users of gdb should upgrade to these updated packages, which resolve\nthese issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2005:675",
"url": "https://access.redhat.com/errata/RHBA-2005:675"
},
{
"category": "external",
"summary": "137904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=137904"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2005/rhba-2005_675.json"
}
],
"title": "Red Hat Bug Fix Advisory: gdb bug fix update",
"tracking": {
"current_release_date": "2024-11-21T23:56:44+00:00",
"generator": {
"date": "2024-11-21T23:56:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHBA-2005:675",
"initial_release_date": "2005-09-28T00:00:00+00:00",
"revision_history": [
{
"date": "2005-09-28T00:00:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2005-09-28T00:00:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-21T23:56:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 3",
"product": {
"name": "Red Hat Enterprise Linux AS version 3",
"product_id": "Red Hat Enterprise Linux AS version 3",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 3",
"product": {
"name": "Red Hat Desktop version 3",
"product_id": "Red Hat Desktop version 3",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 3",
"product": {
"name": "Red Hat Enterprise Linux ES version 3",
"product_id": "Red Hat Enterprise Linux ES version 3",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 3",
"product": {
"name": "Red Hat Enterprise Linux WS version 3",
"product_id": "Red Hat Enterprise Linux WS version 3",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2005-1704",
"discovery_date": "2005-05-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617660"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"Red Hat Desktop version 3",
"Red Hat Enterprise Linux AS version 3",
"Red Hat Enterprise Linux ES version 3",
"Red Hat Enterprise Linux WS version 3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-1704"
},
{
"category": "external",
"summary": "RHBZ#1617660",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617660"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-1704",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-1704"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-1704",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-1704"
}
],
"release_date": "2005-05-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-09-28T00:00:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"Red Hat Desktop version 3",
"Red Hat Enterprise Linux AS version 3",
"Red Hat Enterprise Linux ES version 3",
"Red Hat Enterprise Linux WS version 3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2005:675"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2005-1705",
"discovery_date": "2005-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617661"
}
],
"notes": [
{
"category": "description",
"text": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"Red Hat Desktop version 3",
"Red Hat Enterprise Linux AS version 3",
"Red Hat Enterprise Linux ES version 3",
"Red Hat Enterprise Linux WS version 3"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-1705"
},
{
"category": "external",
"summary": "RHBZ#1617661",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617661"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-1705"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-1705",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-1705"
}
],
"release_date": "2005-05-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-09-28T00:00:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"Red Hat Desktop version 3",
"Red Hat Enterprise Linux AS version 3",
"Red Hat Enterprise Linux ES version 3",
"Red Hat Enterprise Linux WS version 3"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2005:675"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
}
]
}
RHSA-2005:709
Vulnerability from csaf_redhat - Published: 2005-10-05 11:55 - Updated: 2026-01-13 22:33Summary
Red Hat Security Advisory: gdb security update
Severity
Low
Notes
Topic: An updated gdb package that fixes several bugs and minor security issues is
now available.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
Details: GDB, the GNU debugger, allows debugging of programs written in C, C++,
and other languages by executing them in a controlled fashion, then
printing their data.
Several integer overflow bugs were found in gdb. If a user is tricked
into processing a specially crafted executable file, it may allow the
execution of arbitrary code as the user running gdb. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-1704 to this issue.
A bug was found in the way gdb loads .gdbinit files. When a user executes
gdb, the local directory is searched for a .gdbinit file which is then
loaded. It is possible for a local user to execute arbitrary commands as
the victim running gdb by placing a malicious .gdbinit file in a location
where gdb may be run. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-1705 to this issue.
This updated package also addresses the following issues:
- GDB on ia64 had previously implemented a bug fix to work-around a kernel
problem when creating a core file via gcore. The bug fix caused a
significant slow-down of gcore.
- GDB on ia64 issued an extraneous warning when gcore was used.
- GDB on ia64 could not backtrace over a sigaltstack.
- GDB on ia64 could not successfully do an info frame for a signal trampoline.
- GDB on AMD64 and Intel EM64T had problems attaching to a 32-bit process.
- GDB on AMD64 and Intel EM64T was not properly handling threaded watchpoints.
- GDB could not build with gcc4 when -Werror flag was set.
- GDB had problems printing inherited members of C++ classes.
- A few updates from mainline sources concerning Dwarf2 partial die in
cache support, follow-fork support, interrupted syscall support, and
DW_OP_piece read support.
All users of gdb should upgrade to this updated package, which resolves
these issues.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated gdb package that fixes several bugs and minor security issues is\nnow available.\n\nThis update has been rated as having low security impact by the Red Hat\nSecurity Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "GDB, the GNU debugger, allows debugging of programs written in C, C++,\nand other languages by executing them in a controlled fashion, then\nprinting their data.\n\nSeveral integer overflow bugs were found in gdb. If a user is tricked\ninto processing a specially crafted executable file, it may allow the\nexecution of arbitrary code as the user running gdb. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\nCAN-2005-1704 to this issue.\n\nA bug was found in the way gdb loads .gdbinit files. When a user executes\ngdb, the local directory is searched for a .gdbinit file which is then\nloaded. It is possible for a local user to execute arbitrary commands as\nthe victim running gdb by placing a malicious .gdbinit file in a location\nwhere gdb may be run. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CAN-2005-1705 to this issue.\n\nThis updated package also addresses the following issues:\n\n- GDB on ia64 had previously implemented a bug fix to work-around a kernel\nproblem when creating a core file via gcore. The bug fix caused a\nsignificant slow-down of gcore.\n\n- GDB on ia64 issued an extraneous warning when gcore was used.\n\n- GDB on ia64 could not backtrace over a sigaltstack.\n\n- GDB on ia64 could not successfully do an info frame for a signal trampoline.\n\n- GDB on AMD64 and Intel EM64T had problems attaching to a 32-bit process.\n\n- GDB on AMD64 and Intel EM64T was not properly handling threaded watchpoints.\n\n- GDB could not build with gcc4 when -Werror flag was set.\n\n- GDB had problems printing inherited members of C++ classes.\n\n- A few updates from mainline sources concerning Dwarf2 partial die in\ncache support, follow-fork support, interrupted syscall support, and\nDW_OP_piece read support.\n\nAll users of gdb should upgrade to this updated package, which resolves\nthese issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2005:709",
"url": "https://access.redhat.com/errata/RHSA-2005:709"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "158680",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=158680"
},
{
"category": "external",
"summary": "158684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=158684"
},
{
"category": "external",
"summary": "160339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=160339"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2005/rhsa-2005_709.json"
}
],
"title": "Red Hat Security Advisory: gdb security update",
"tracking": {
"current_release_date": "2026-01-13T22:33:20+00:00",
"generator": {
"date": "2026-01-13T22:33:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2005:709",
"initial_release_date": "2005-10-05T11:55:00+00:00",
"revision_history": [
{
"date": "2005-10-05T11:55:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2005-10-05T00:00:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:33:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gdb-0:6.3.0.0-1.63.ia64",
"product": {
"name": "gdb-0:6.3.0.0-1.63.ia64",
"product_id": "gdb-0:6.3.0.0-1.63.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb@6.3.0.0-1.63?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"product": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"product_id": "gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb-debuginfo@6.3.0.0-1.63?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "gdb-0:6.3.0.0-1.63.i386",
"product": {
"name": "gdb-0:6.3.0.0-1.63.i386",
"product_id": "gdb-0:6.3.0.0-1.63.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb@6.3.0.0-1.63?arch=i386"
}
}
},
{
"category": "product_version",
"name": "gdb-debuginfo-0:6.3.0.0-1.63.i386",
"product": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.i386",
"product_id": "gdb-debuginfo-0:6.3.0.0-1.63.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb-debuginfo@6.3.0.0-1.63?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "gdb-0:6.3.0.0-1.63.src",
"product": {
"name": "gdb-0:6.3.0.0-1.63.src",
"product_id": "gdb-0:6.3.0.0-1.63.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb@6.3.0.0-1.63?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gdb-0:6.3.0.0-1.63.x86_64",
"product": {
"name": "gdb-0:6.3.0.0-1.63.x86_64",
"product_id": "gdb-0:6.3.0.0-1.63.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb@6.3.0.0-1.63?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"product": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"product_id": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb-debuginfo@6.3.0.0-1.63?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gdb-0:6.3.0.0-1.63.ppc64",
"product": {
"name": "gdb-0:6.3.0.0-1.63.ppc64",
"product_id": "gdb-0:6.3.0.0-1.63.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb@6.3.0.0-1.63?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"product": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"product_id": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb-debuginfo@6.3.0.0-1.63?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "gdb-0:6.3.0.0-1.63.s390x",
"product": {
"name": "gdb-0:6.3.0.0-1.63.s390x",
"product_id": "gdb-0:6.3.0.0-1.63.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb@6.3.0.0-1.63?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"product": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"product_id": "gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb-debuginfo@6.3.0.0-1.63?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gdb-0:6.3.0.0-1.63.s390",
"product": {
"name": "gdb-0:6.3.0.0-1.63.s390",
"product_id": "gdb-0:6.3.0.0-1.63.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb@6.3.0.0-1.63?arch=s390"
}
}
},
{
"category": "product_version",
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390",
"product": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390",
"product_id": "gdb-debuginfo-0:6.3.0.0-1.63.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb-debuginfo@6.3.0.0-1.63?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-0:6.3.0.0-1.63.i386"
},
"product_reference": "gdb-0:6.3.0.0-1.63.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-0:6.3.0.0-1.63.ia64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.ppc64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-0:6.3.0.0-1.63.ppc64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.ppc64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-0:6.3.0.0-1.63.s390"
},
"product_reference": "gdb-0:6.3.0.0-1.63.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-0:6.3.0.0-1.63.s390x"
},
"product_reference": "gdb-0:6.3.0.0-1.63.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-0:6.3.0.0-1.63.src"
},
"product_reference": "gdb-0:6.3.0.0-1.63.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-0:6.3.0.0-1.63.x86_64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-debuginfo-0:6.3.0.0-1.63.i386"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-debuginfo-0:6.3.0.0-1.63.ia64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390x"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-0:6.3.0.0-1.63.i386"
},
"product_reference": "gdb-0:6.3.0.0-1.63.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-0:6.3.0.0-1.63.ia64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-0:6.3.0.0-1.63.ppc64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.ppc64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-0:6.3.0.0-1.63.s390"
},
"product_reference": "gdb-0:6.3.0.0-1.63.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-0:6.3.0.0-1.63.s390x"
},
"product_reference": "gdb-0:6.3.0.0-1.63.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-0:6.3.0.0-1.63.src"
},
"product_reference": "gdb-0:6.3.0.0-1.63.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-0:6.3.0.0-1.63.x86_64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.i386"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ia64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ppc64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390x"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.x86_64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-0:6.3.0.0-1.63.i386"
},
"product_reference": "gdb-0:6.3.0.0-1.63.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-0:6.3.0.0-1.63.ia64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.ppc64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-0:6.3.0.0-1.63.ppc64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.ppc64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-0:6.3.0.0-1.63.s390"
},
"product_reference": "gdb-0:6.3.0.0-1.63.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-0:6.3.0.0-1.63.s390x"
},
"product_reference": "gdb-0:6.3.0.0-1.63.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-0:6.3.0.0-1.63.src"
},
"product_reference": "gdb-0:6.3.0.0-1.63.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-0:6.3.0.0-1.63.x86_64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-debuginfo-0:6.3.0.0-1.63.i386"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-debuginfo-0:6.3.0.0-1.63.ia64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-debuginfo-0:6.3.0.0-1.63.ppc64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390x"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-debuginfo-0:6.3.0.0-1.63.x86_64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-0:6.3.0.0-1.63.i386"
},
"product_reference": "gdb-0:6.3.0.0-1.63.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-0:6.3.0.0-1.63.ia64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.ppc64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-0:6.3.0.0-1.63.ppc64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.ppc64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-0:6.3.0.0-1.63.s390"
},
"product_reference": "gdb-0:6.3.0.0-1.63.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-0:6.3.0.0-1.63.s390x"
},
"product_reference": "gdb-0:6.3.0.0-1.63.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-0:6.3.0.0-1.63.src"
},
"product_reference": "gdb-0:6.3.0.0-1.63.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-0:6.3.0.0-1.63.x86_64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-debuginfo-0:6.3.0.0-1.63.i386"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-debuginfo-0:6.3.0.0-1.63.ia64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390x"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"relates_to_product_reference": "4WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2005-1704",
"discovery_date": "2005-05-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617660"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"4AS:gdb-0:6.3.0.0-1.63.i386",
"4AS:gdb-0:6.3.0.0-1.63.ia64",
"4AS:gdb-0:6.3.0.0-1.63.ppc64",
"4AS:gdb-0:6.3.0.0-1.63.s390",
"4AS:gdb-0:6.3.0.0-1.63.s390x",
"4AS:gdb-0:6.3.0.0-1.63.src",
"4AS:gdb-0:6.3.0.0-1.63.x86_64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4Desktop:gdb-0:6.3.0.0-1.63.i386",
"4Desktop:gdb-0:6.3.0.0-1.63.ia64",
"4Desktop:gdb-0:6.3.0.0-1.63.ppc64",
"4Desktop:gdb-0:6.3.0.0-1.63.s390",
"4Desktop:gdb-0:6.3.0.0-1.63.s390x",
"4Desktop:gdb-0:6.3.0.0-1.63.src",
"4Desktop:gdb-0:6.3.0.0-1.63.x86_64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4ES:gdb-0:6.3.0.0-1.63.i386",
"4ES:gdb-0:6.3.0.0-1.63.ia64",
"4ES:gdb-0:6.3.0.0-1.63.ppc64",
"4ES:gdb-0:6.3.0.0-1.63.s390",
"4ES:gdb-0:6.3.0.0-1.63.s390x",
"4ES:gdb-0:6.3.0.0-1.63.src",
"4ES:gdb-0:6.3.0.0-1.63.x86_64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4WS:gdb-0:6.3.0.0-1.63.i386",
"4WS:gdb-0:6.3.0.0-1.63.ia64",
"4WS:gdb-0:6.3.0.0-1.63.ppc64",
"4WS:gdb-0:6.3.0.0-1.63.s390",
"4WS:gdb-0:6.3.0.0-1.63.s390x",
"4WS:gdb-0:6.3.0.0-1.63.src",
"4WS:gdb-0:6.3.0.0-1.63.x86_64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-1704"
},
{
"category": "external",
"summary": "RHBZ#1617660",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617660"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-1704",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-1704"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-1704",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-1704"
}
],
"release_date": "2005-05-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-10-05T11:55:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:gdb-0:6.3.0.0-1.63.i386",
"4AS:gdb-0:6.3.0.0-1.63.ia64",
"4AS:gdb-0:6.3.0.0-1.63.ppc64",
"4AS:gdb-0:6.3.0.0-1.63.s390",
"4AS:gdb-0:6.3.0.0-1.63.s390x",
"4AS:gdb-0:6.3.0.0-1.63.src",
"4AS:gdb-0:6.3.0.0-1.63.x86_64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4Desktop:gdb-0:6.3.0.0-1.63.i386",
"4Desktop:gdb-0:6.3.0.0-1.63.ia64",
"4Desktop:gdb-0:6.3.0.0-1.63.ppc64",
"4Desktop:gdb-0:6.3.0.0-1.63.s390",
"4Desktop:gdb-0:6.3.0.0-1.63.s390x",
"4Desktop:gdb-0:6.3.0.0-1.63.src",
"4Desktop:gdb-0:6.3.0.0-1.63.x86_64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4ES:gdb-0:6.3.0.0-1.63.i386",
"4ES:gdb-0:6.3.0.0-1.63.ia64",
"4ES:gdb-0:6.3.0.0-1.63.ppc64",
"4ES:gdb-0:6.3.0.0-1.63.s390",
"4ES:gdb-0:6.3.0.0-1.63.s390x",
"4ES:gdb-0:6.3.0.0-1.63.src",
"4ES:gdb-0:6.3.0.0-1.63.x86_64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4WS:gdb-0:6.3.0.0-1.63.i386",
"4WS:gdb-0:6.3.0.0-1.63.ia64",
"4WS:gdb-0:6.3.0.0-1.63.ppc64",
"4WS:gdb-0:6.3.0.0-1.63.s390",
"4WS:gdb-0:6.3.0.0-1.63.s390x",
"4WS:gdb-0:6.3.0.0-1.63.src",
"4WS:gdb-0:6.3.0.0-1.63.x86_64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:709"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2005-1705",
"discovery_date": "2005-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617661"
}
],
"notes": [
{
"category": "description",
"text": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"4AS:gdb-0:6.3.0.0-1.63.i386",
"4AS:gdb-0:6.3.0.0-1.63.ia64",
"4AS:gdb-0:6.3.0.0-1.63.ppc64",
"4AS:gdb-0:6.3.0.0-1.63.s390",
"4AS:gdb-0:6.3.0.0-1.63.s390x",
"4AS:gdb-0:6.3.0.0-1.63.src",
"4AS:gdb-0:6.3.0.0-1.63.x86_64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4Desktop:gdb-0:6.3.0.0-1.63.i386",
"4Desktop:gdb-0:6.3.0.0-1.63.ia64",
"4Desktop:gdb-0:6.3.0.0-1.63.ppc64",
"4Desktop:gdb-0:6.3.0.0-1.63.s390",
"4Desktop:gdb-0:6.3.0.0-1.63.s390x",
"4Desktop:gdb-0:6.3.0.0-1.63.src",
"4Desktop:gdb-0:6.3.0.0-1.63.x86_64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4ES:gdb-0:6.3.0.0-1.63.i386",
"4ES:gdb-0:6.3.0.0-1.63.ia64",
"4ES:gdb-0:6.3.0.0-1.63.ppc64",
"4ES:gdb-0:6.3.0.0-1.63.s390",
"4ES:gdb-0:6.3.0.0-1.63.s390x",
"4ES:gdb-0:6.3.0.0-1.63.src",
"4ES:gdb-0:6.3.0.0-1.63.x86_64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4WS:gdb-0:6.3.0.0-1.63.i386",
"4WS:gdb-0:6.3.0.0-1.63.ia64",
"4WS:gdb-0:6.3.0.0-1.63.ppc64",
"4WS:gdb-0:6.3.0.0-1.63.s390",
"4WS:gdb-0:6.3.0.0-1.63.s390x",
"4WS:gdb-0:6.3.0.0-1.63.src",
"4WS:gdb-0:6.3.0.0-1.63.x86_64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-1705"
},
{
"category": "external",
"summary": "RHBZ#1617661",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617661"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-1705"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-1705",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-1705"
}
],
"release_date": "2005-05-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-10-05T11:55:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:gdb-0:6.3.0.0-1.63.i386",
"4AS:gdb-0:6.3.0.0-1.63.ia64",
"4AS:gdb-0:6.3.0.0-1.63.ppc64",
"4AS:gdb-0:6.3.0.0-1.63.s390",
"4AS:gdb-0:6.3.0.0-1.63.s390x",
"4AS:gdb-0:6.3.0.0-1.63.src",
"4AS:gdb-0:6.3.0.0-1.63.x86_64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4Desktop:gdb-0:6.3.0.0-1.63.i386",
"4Desktop:gdb-0:6.3.0.0-1.63.ia64",
"4Desktop:gdb-0:6.3.0.0-1.63.ppc64",
"4Desktop:gdb-0:6.3.0.0-1.63.s390",
"4Desktop:gdb-0:6.3.0.0-1.63.s390x",
"4Desktop:gdb-0:6.3.0.0-1.63.src",
"4Desktop:gdb-0:6.3.0.0-1.63.x86_64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4ES:gdb-0:6.3.0.0-1.63.i386",
"4ES:gdb-0:6.3.0.0-1.63.ia64",
"4ES:gdb-0:6.3.0.0-1.63.ppc64",
"4ES:gdb-0:6.3.0.0-1.63.s390",
"4ES:gdb-0:6.3.0.0-1.63.s390x",
"4ES:gdb-0:6.3.0.0-1.63.src",
"4ES:gdb-0:6.3.0.0-1.63.x86_64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4WS:gdb-0:6.3.0.0-1.63.i386",
"4WS:gdb-0:6.3.0.0-1.63.ia64",
"4WS:gdb-0:6.3.0.0-1.63.ppc64",
"4WS:gdb-0:6.3.0.0-1.63.s390",
"4WS:gdb-0:6.3.0.0-1.63.s390x",
"4WS:gdb-0:6.3.0.0-1.63.src",
"4WS:gdb-0:6.3.0.0-1.63.x86_64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:709"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
}
]
}
RHSA-2005:801
Vulnerability from csaf_redhat - Published: 2005-10-18 15:38 - Updated: 2026-01-13 22:15Summary
Red Hat Security Advisory: gdb security update
Severity
Low
Notes
Topic: An updated gdb package that fixes minor security issues is now available.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
Details: GDB, the GNU debugger, allows debugging of programs written in C, C++, and
other languages by executing them in a controlled fashion, then printing
their data.
Several integer overflow bugs were found in gdb. If a user is tricked into
processing a specially crafted executable file, it may allow the execution
of arbitrary code as the user running gdb. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2005-1704 to
this issue.
A bug was found in the way gdb loads .gdbinit files. When a user executes
gdb, the local directory is searched for a .gdbinit file which is then
loaded. It is possible for a local user to execute arbitrary commands as
the user running gdb by placing a malicious .gdbinit file in a location
where gdb may be run. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-1705 to this issue.
All users of gdb should upgrade to this updated package, which contains
backported patches that resolve these issues.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux AS (Advanced Server) version 2.1
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:2.1::as
|
— |
Vendor Fix
fix
|
|
Red Hat Enterprise Linux ES version 2.1
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:2.1::es
|
— |
Vendor Fix
fix
|
|
Red Hat Enterprise Linux WS version 2.1
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:2.1::ws
|
— |
Vendor Fix
fix
|
|
Red Hat Linux Advanced Workstation 2.1
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:2.1::aw
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux AS (Advanced Server) version 2.1
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:2.1::as
|
— |
Vendor Fix
fix
|
|
Red Hat Enterprise Linux ES version 2.1
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:2.1::es
|
— |
Vendor Fix
fix
|
|
Red Hat Enterprise Linux WS version 2.1
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:2.1::ws
|
— |
Vendor Fix
fix
|
|
Red Hat Linux Advanced Workstation 2.1
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:2.1::aw
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated gdb package that fixes minor security issues is now available.\n\nThis update has been rated as having low security impact by the Red Hat\nSecurity Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "GDB, the GNU debugger, allows debugging of programs written in C, C++, and\nother languages by executing them in a controlled fashion, then printing\ntheir data.\n\nSeveral integer overflow bugs were found in gdb. If a user is tricked into\nprocessing a specially crafted executable file, it may allow the execution\nof arbitrary code as the user running gdb. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CAN-2005-1704 to\nthis issue.\n\nA bug was found in the way gdb loads .gdbinit files. When a user executes\ngdb, the local directory is searched for a .gdbinit file which is then\nloaded. It is possible for a local user to execute arbitrary commands as\nthe user running gdb by placing a malicious .gdbinit file in a location\nwhere gdb may be run. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CAN-2005-1705 to this issue.\n\nAll users of gdb should upgrade to this updated package, which contains\nbackported patches that resolve these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2005:801",
"url": "https://access.redhat.com/errata/RHSA-2005:801"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "169905",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=169905"
},
{
"category": "external",
"summary": "169906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=169906"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2005/rhsa-2005_801.json"
}
],
"title": "Red Hat Security Advisory: gdb security update",
"tracking": {
"current_release_date": "2026-01-13T22:15:44+00:00",
"generator": {
"date": "2026-01-13T22:15:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2005:801",
"initial_release_date": "2005-10-18T15:38:00+00:00",
"revision_history": [
{
"date": "2005-10-18T15:38:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2005-10-18T00:00:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:15:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product": {
"name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Linux Advanced Workstation 2.1",
"product": {
"name": "Red Hat Linux Advanced Workstation 2.1",
"product_id": "Red Hat Linux Advanced Workstation 2.1",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::aw"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 2.1",
"product": {
"name": "Red Hat Enterprise Linux ES version 2.1",
"product_id": "Red Hat Enterprise Linux ES version 2.1",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 2.1",
"product": {
"name": "Red Hat Enterprise Linux WS version 2.1",
"product_id": "Red Hat Enterprise Linux WS version 2.1",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2005-1704",
"discovery_date": "2005-05-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617660"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1",
"Red Hat Linux Advanced Workstation 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-1704"
},
{
"category": "external",
"summary": "RHBZ#1617660",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617660"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-1704",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-1704"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-1704",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-1704"
}
],
"release_date": "2005-05-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-10-18T15:38:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1",
"Red Hat Linux Advanced Workstation 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:801"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2005-1705",
"discovery_date": "2005-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617661"
}
],
"notes": [
{
"category": "description",
"text": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1",
"Red Hat Linux Advanced Workstation 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-1705"
},
{
"category": "external",
"summary": "RHBZ#1617661",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617661"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-1705"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-1705",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-1705"
}
],
"release_date": "2005-05-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-10-18T15:38:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1",
"Red Hat Linux Advanced Workstation 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:801"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
}
]
}
RHSA-2005_709
Vulnerability from csaf_redhat - Published: 2005-10-05 11:55 - Updated: 2024-11-21 23:56Summary
Red Hat Security Advisory: gdb security update
Severity
Low
Notes
Topic: An updated gdb package that fixes several bugs and minor security issues is
now available.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
Details: GDB, the GNU debugger, allows debugging of programs written in C, C++,
and other languages by executing them in a controlled fashion, then
printing their data.
Several integer overflow bugs were found in gdb. If a user is tricked
into processing a specially crafted executable file, it may allow the
execution of arbitrary code as the user running gdb. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-1704 to this issue.
A bug was found in the way gdb loads .gdbinit files. When a user executes
gdb, the local directory is searched for a .gdbinit file which is then
loaded. It is possible for a local user to execute arbitrary commands as
the victim running gdb by placing a malicious .gdbinit file in a location
where gdb may be run. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-1705 to this issue.
This updated package also addresses the following issues:
- GDB on ia64 had previously implemented a bug fix to work-around a kernel
problem when creating a core file via gcore. The bug fix caused a
significant slow-down of gcore.
- GDB on ia64 issued an extraneous warning when gcore was used.
- GDB on ia64 could not backtrace over a sigaltstack.
- GDB on ia64 could not successfully do an info frame for a signal trampoline.
- GDB on AMD64 and Intel EM64T had problems attaching to a 32-bit process.
- GDB on AMD64 and Intel EM64T was not properly handling threaded watchpoints.
- GDB could not build with gcc4 when -Werror flag was set.
- GDB had problems printing inherited members of C++ classes.
- A few updates from mainline sources concerning Dwarf2 partial die in
cache support, follow-fork support, interrupted syscall support, and
DW_OP_piece read support.
All users of gdb should upgrade to this updated package, which resolves
these issues.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gdb-debuginfo-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated gdb package that fixes several bugs and minor security issues is\nnow available.\n\nThis update has been rated as having low security impact by the Red Hat\nSecurity Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "GDB, the GNU debugger, allows debugging of programs written in C, C++,\nand other languages by executing them in a controlled fashion, then\nprinting their data.\n\nSeveral integer overflow bugs were found in gdb. If a user is tricked\ninto processing a specially crafted executable file, it may allow the\nexecution of arbitrary code as the user running gdb. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\nCAN-2005-1704 to this issue.\n\nA bug was found in the way gdb loads .gdbinit files. When a user executes\ngdb, the local directory is searched for a .gdbinit file which is then\nloaded. It is possible for a local user to execute arbitrary commands as\nthe victim running gdb by placing a malicious .gdbinit file in a location\nwhere gdb may be run. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CAN-2005-1705 to this issue.\n\nThis updated package also addresses the following issues:\n\n- GDB on ia64 had previously implemented a bug fix to work-around a kernel\nproblem when creating a core file via gcore. The bug fix caused a\nsignificant slow-down of gcore.\n\n- GDB on ia64 issued an extraneous warning when gcore was used.\n\n- GDB on ia64 could not backtrace over a sigaltstack.\n\n- GDB on ia64 could not successfully do an info frame for a signal trampoline.\n\n- GDB on AMD64 and Intel EM64T had problems attaching to a 32-bit process.\n\n- GDB on AMD64 and Intel EM64T was not properly handling threaded watchpoints.\n\n- GDB could not build with gcc4 when -Werror flag was set.\n\n- GDB had problems printing inherited members of C++ classes.\n\n- A few updates from mainline sources concerning Dwarf2 partial die in\ncache support, follow-fork support, interrupted syscall support, and\nDW_OP_piece read support.\n\nAll users of gdb should upgrade to this updated package, which resolves\nthese issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2005:709",
"url": "https://access.redhat.com/errata/RHSA-2005:709"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "158680",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=158680"
},
{
"category": "external",
"summary": "158684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=158684"
},
{
"category": "external",
"summary": "160339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=160339"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2005/rhsa-2005_709.json"
}
],
"title": "Red Hat Security Advisory: gdb security update",
"tracking": {
"current_release_date": "2024-11-21T23:56:22+00:00",
"generator": {
"date": "2024-11-21T23:56:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2005:709",
"initial_release_date": "2005-10-05T11:55:00+00:00",
"revision_history": [
{
"date": "2005-10-05T11:55:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2005-10-05T00:00:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-21T23:56:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gdb-0:6.3.0.0-1.63.ia64",
"product": {
"name": "gdb-0:6.3.0.0-1.63.ia64",
"product_id": "gdb-0:6.3.0.0-1.63.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb@6.3.0.0-1.63?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"product": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"product_id": "gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb-debuginfo@6.3.0.0-1.63?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "gdb-0:6.3.0.0-1.63.i386",
"product": {
"name": "gdb-0:6.3.0.0-1.63.i386",
"product_id": "gdb-0:6.3.0.0-1.63.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb@6.3.0.0-1.63?arch=i386"
}
}
},
{
"category": "product_version",
"name": "gdb-debuginfo-0:6.3.0.0-1.63.i386",
"product": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.i386",
"product_id": "gdb-debuginfo-0:6.3.0.0-1.63.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb-debuginfo@6.3.0.0-1.63?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "gdb-0:6.3.0.0-1.63.src",
"product": {
"name": "gdb-0:6.3.0.0-1.63.src",
"product_id": "gdb-0:6.3.0.0-1.63.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb@6.3.0.0-1.63?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gdb-0:6.3.0.0-1.63.x86_64",
"product": {
"name": "gdb-0:6.3.0.0-1.63.x86_64",
"product_id": "gdb-0:6.3.0.0-1.63.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb@6.3.0.0-1.63?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"product": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"product_id": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb-debuginfo@6.3.0.0-1.63?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gdb-0:6.3.0.0-1.63.ppc64",
"product": {
"name": "gdb-0:6.3.0.0-1.63.ppc64",
"product_id": "gdb-0:6.3.0.0-1.63.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb@6.3.0.0-1.63?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"product": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"product_id": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb-debuginfo@6.3.0.0-1.63?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "gdb-0:6.3.0.0-1.63.s390x",
"product": {
"name": "gdb-0:6.3.0.0-1.63.s390x",
"product_id": "gdb-0:6.3.0.0-1.63.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb@6.3.0.0-1.63?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"product": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"product_id": "gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb-debuginfo@6.3.0.0-1.63?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gdb-0:6.3.0.0-1.63.s390",
"product": {
"name": "gdb-0:6.3.0.0-1.63.s390",
"product_id": "gdb-0:6.3.0.0-1.63.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb@6.3.0.0-1.63?arch=s390"
}
}
},
{
"category": "product_version",
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390",
"product": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390",
"product_id": "gdb-debuginfo-0:6.3.0.0-1.63.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gdb-debuginfo@6.3.0.0-1.63?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-0:6.3.0.0-1.63.i386"
},
"product_reference": "gdb-0:6.3.0.0-1.63.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-0:6.3.0.0-1.63.ia64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.ppc64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-0:6.3.0.0-1.63.ppc64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.ppc64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-0:6.3.0.0-1.63.s390"
},
"product_reference": "gdb-0:6.3.0.0-1.63.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-0:6.3.0.0-1.63.s390x"
},
"product_reference": "gdb-0:6.3.0.0-1.63.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-0:6.3.0.0-1.63.src"
},
"product_reference": "gdb-0:6.3.0.0-1.63.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-0:6.3.0.0-1.63.x86_64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-debuginfo-0:6.3.0.0-1.63.i386"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-debuginfo-0:6.3.0.0-1.63.ia64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390x"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-0:6.3.0.0-1.63.i386"
},
"product_reference": "gdb-0:6.3.0.0-1.63.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-0:6.3.0.0-1.63.ia64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-0:6.3.0.0-1.63.ppc64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.ppc64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-0:6.3.0.0-1.63.s390"
},
"product_reference": "gdb-0:6.3.0.0-1.63.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-0:6.3.0.0-1.63.s390x"
},
"product_reference": "gdb-0:6.3.0.0-1.63.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-0:6.3.0.0-1.63.src"
},
"product_reference": "gdb-0:6.3.0.0-1.63.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-0:6.3.0.0-1.63.x86_64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.i386"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ia64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ppc64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390x"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.x86_64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-0:6.3.0.0-1.63.i386"
},
"product_reference": "gdb-0:6.3.0.0-1.63.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-0:6.3.0.0-1.63.ia64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.ppc64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-0:6.3.0.0-1.63.ppc64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.ppc64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-0:6.3.0.0-1.63.s390"
},
"product_reference": "gdb-0:6.3.0.0-1.63.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-0:6.3.0.0-1.63.s390x"
},
"product_reference": "gdb-0:6.3.0.0-1.63.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-0:6.3.0.0-1.63.src"
},
"product_reference": "gdb-0:6.3.0.0-1.63.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-0:6.3.0.0-1.63.x86_64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-debuginfo-0:6.3.0.0-1.63.i386"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-debuginfo-0:6.3.0.0-1.63.ia64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-debuginfo-0:6.3.0.0-1.63.ppc64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390x"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gdb-debuginfo-0:6.3.0.0-1.63.x86_64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-0:6.3.0.0-1.63.i386"
},
"product_reference": "gdb-0:6.3.0.0-1.63.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-0:6.3.0.0-1.63.ia64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.ppc64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-0:6.3.0.0-1.63.ppc64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.ppc64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-0:6.3.0.0-1.63.s390"
},
"product_reference": "gdb-0:6.3.0.0-1.63.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-0:6.3.0.0-1.63.s390x"
},
"product_reference": "gdb-0:6.3.0.0-1.63.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-0:6.3.0.0-1.63.src"
},
"product_reference": "gdb-0:6.3.0.0-1.63.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-0:6.3.0.0-1.63.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-0:6.3.0.0-1.63.x86_64"
},
"product_reference": "gdb-0:6.3.0.0-1.63.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-debuginfo-0:6.3.0.0-1.63.i386"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-debuginfo-0:6.3.0.0-1.63.ia64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390x"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64"
},
"product_reference": "gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"relates_to_product_reference": "4WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2005-1704",
"discovery_date": "2005-05-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617660"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"4AS:gdb-0:6.3.0.0-1.63.i386",
"4AS:gdb-0:6.3.0.0-1.63.ia64",
"4AS:gdb-0:6.3.0.0-1.63.ppc64",
"4AS:gdb-0:6.3.0.0-1.63.s390",
"4AS:gdb-0:6.3.0.0-1.63.s390x",
"4AS:gdb-0:6.3.0.0-1.63.src",
"4AS:gdb-0:6.3.0.0-1.63.x86_64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4Desktop:gdb-0:6.3.0.0-1.63.i386",
"4Desktop:gdb-0:6.3.0.0-1.63.ia64",
"4Desktop:gdb-0:6.3.0.0-1.63.ppc64",
"4Desktop:gdb-0:6.3.0.0-1.63.s390",
"4Desktop:gdb-0:6.3.0.0-1.63.s390x",
"4Desktop:gdb-0:6.3.0.0-1.63.src",
"4Desktop:gdb-0:6.3.0.0-1.63.x86_64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4ES:gdb-0:6.3.0.0-1.63.i386",
"4ES:gdb-0:6.3.0.0-1.63.ia64",
"4ES:gdb-0:6.3.0.0-1.63.ppc64",
"4ES:gdb-0:6.3.0.0-1.63.s390",
"4ES:gdb-0:6.3.0.0-1.63.s390x",
"4ES:gdb-0:6.3.0.0-1.63.src",
"4ES:gdb-0:6.3.0.0-1.63.x86_64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4WS:gdb-0:6.3.0.0-1.63.i386",
"4WS:gdb-0:6.3.0.0-1.63.ia64",
"4WS:gdb-0:6.3.0.0-1.63.ppc64",
"4WS:gdb-0:6.3.0.0-1.63.s390",
"4WS:gdb-0:6.3.0.0-1.63.s390x",
"4WS:gdb-0:6.3.0.0-1.63.src",
"4WS:gdb-0:6.3.0.0-1.63.x86_64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-1704"
},
{
"category": "external",
"summary": "RHBZ#1617660",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617660"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-1704",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-1704"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-1704",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-1704"
}
],
"release_date": "2005-05-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-10-05T11:55:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:gdb-0:6.3.0.0-1.63.i386",
"4AS:gdb-0:6.3.0.0-1.63.ia64",
"4AS:gdb-0:6.3.0.0-1.63.ppc64",
"4AS:gdb-0:6.3.0.0-1.63.s390",
"4AS:gdb-0:6.3.0.0-1.63.s390x",
"4AS:gdb-0:6.3.0.0-1.63.src",
"4AS:gdb-0:6.3.0.0-1.63.x86_64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4Desktop:gdb-0:6.3.0.0-1.63.i386",
"4Desktop:gdb-0:6.3.0.0-1.63.ia64",
"4Desktop:gdb-0:6.3.0.0-1.63.ppc64",
"4Desktop:gdb-0:6.3.0.0-1.63.s390",
"4Desktop:gdb-0:6.3.0.0-1.63.s390x",
"4Desktop:gdb-0:6.3.0.0-1.63.src",
"4Desktop:gdb-0:6.3.0.0-1.63.x86_64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4ES:gdb-0:6.3.0.0-1.63.i386",
"4ES:gdb-0:6.3.0.0-1.63.ia64",
"4ES:gdb-0:6.3.0.0-1.63.ppc64",
"4ES:gdb-0:6.3.0.0-1.63.s390",
"4ES:gdb-0:6.3.0.0-1.63.s390x",
"4ES:gdb-0:6.3.0.0-1.63.src",
"4ES:gdb-0:6.3.0.0-1.63.x86_64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4WS:gdb-0:6.3.0.0-1.63.i386",
"4WS:gdb-0:6.3.0.0-1.63.ia64",
"4WS:gdb-0:6.3.0.0-1.63.ppc64",
"4WS:gdb-0:6.3.0.0-1.63.s390",
"4WS:gdb-0:6.3.0.0-1.63.s390x",
"4WS:gdb-0:6.3.0.0-1.63.src",
"4WS:gdb-0:6.3.0.0-1.63.x86_64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:709"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2005-1705",
"discovery_date": "2005-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617661"
}
],
"notes": [
{
"category": "description",
"text": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"4AS:gdb-0:6.3.0.0-1.63.i386",
"4AS:gdb-0:6.3.0.0-1.63.ia64",
"4AS:gdb-0:6.3.0.0-1.63.ppc64",
"4AS:gdb-0:6.3.0.0-1.63.s390",
"4AS:gdb-0:6.3.0.0-1.63.s390x",
"4AS:gdb-0:6.3.0.0-1.63.src",
"4AS:gdb-0:6.3.0.0-1.63.x86_64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4Desktop:gdb-0:6.3.0.0-1.63.i386",
"4Desktop:gdb-0:6.3.0.0-1.63.ia64",
"4Desktop:gdb-0:6.3.0.0-1.63.ppc64",
"4Desktop:gdb-0:6.3.0.0-1.63.s390",
"4Desktop:gdb-0:6.3.0.0-1.63.s390x",
"4Desktop:gdb-0:6.3.0.0-1.63.src",
"4Desktop:gdb-0:6.3.0.0-1.63.x86_64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4ES:gdb-0:6.3.0.0-1.63.i386",
"4ES:gdb-0:6.3.0.0-1.63.ia64",
"4ES:gdb-0:6.3.0.0-1.63.ppc64",
"4ES:gdb-0:6.3.0.0-1.63.s390",
"4ES:gdb-0:6.3.0.0-1.63.s390x",
"4ES:gdb-0:6.3.0.0-1.63.src",
"4ES:gdb-0:6.3.0.0-1.63.x86_64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4WS:gdb-0:6.3.0.0-1.63.i386",
"4WS:gdb-0:6.3.0.0-1.63.ia64",
"4WS:gdb-0:6.3.0.0-1.63.ppc64",
"4WS:gdb-0:6.3.0.0-1.63.s390",
"4WS:gdb-0:6.3.0.0-1.63.s390x",
"4WS:gdb-0:6.3.0.0-1.63.src",
"4WS:gdb-0:6.3.0.0-1.63.x86_64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-1705"
},
{
"category": "external",
"summary": "RHBZ#1617661",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617661"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-1705"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-1705",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-1705"
}
],
"release_date": "2005-05-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-10-05T11:55:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:gdb-0:6.3.0.0-1.63.i386",
"4AS:gdb-0:6.3.0.0-1.63.ia64",
"4AS:gdb-0:6.3.0.0-1.63.ppc64",
"4AS:gdb-0:6.3.0.0-1.63.s390",
"4AS:gdb-0:6.3.0.0-1.63.s390x",
"4AS:gdb-0:6.3.0.0-1.63.src",
"4AS:gdb-0:6.3.0.0-1.63.x86_64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4AS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4Desktop:gdb-0:6.3.0.0-1.63.i386",
"4Desktop:gdb-0:6.3.0.0-1.63.ia64",
"4Desktop:gdb-0:6.3.0.0-1.63.ppc64",
"4Desktop:gdb-0:6.3.0.0-1.63.s390",
"4Desktop:gdb-0:6.3.0.0-1.63.s390x",
"4Desktop:gdb-0:6.3.0.0-1.63.src",
"4Desktop:gdb-0:6.3.0.0-1.63.x86_64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4Desktop:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4ES:gdb-0:6.3.0.0-1.63.i386",
"4ES:gdb-0:6.3.0.0-1.63.ia64",
"4ES:gdb-0:6.3.0.0-1.63.ppc64",
"4ES:gdb-0:6.3.0.0-1.63.s390",
"4ES:gdb-0:6.3.0.0-1.63.s390x",
"4ES:gdb-0:6.3.0.0-1.63.src",
"4ES:gdb-0:6.3.0.0-1.63.x86_64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4ES:gdb-debuginfo-0:6.3.0.0-1.63.x86_64",
"4WS:gdb-0:6.3.0.0-1.63.i386",
"4WS:gdb-0:6.3.0.0-1.63.ia64",
"4WS:gdb-0:6.3.0.0-1.63.ppc64",
"4WS:gdb-0:6.3.0.0-1.63.s390",
"4WS:gdb-0:6.3.0.0-1.63.s390x",
"4WS:gdb-0:6.3.0.0-1.63.src",
"4WS:gdb-0:6.3.0.0-1.63.x86_64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.i386",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.ia64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.ppc64",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.s390x",
"4WS:gdb-debuginfo-0:6.3.0.0-1.63.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:709"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
}
]
}
RHSA-2005_801
Vulnerability from csaf_redhat - Published: 2005-10-18 15:38 - Updated: 2024-11-21 23:56Summary
Red Hat Security Advisory: gdb security update
Severity
Low
Notes
Topic: An updated gdb package that fixes minor security issues is now available.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
Details: GDB, the GNU debugger, allows debugging of programs written in C, C++, and
other languages by executing them in a controlled fashion, then printing
their data.
Several integer overflow bugs were found in gdb. If a user is tricked into
processing a specially crafted executable file, it may allow the execution
of arbitrary code as the user running gdb. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2005-1704 to
this issue.
A bug was found in the way gdb loads .gdbinit files. When a user executes
gdb, the local directory is searched for a .gdbinit file which is then
loaded. It is possible for a local user to execute arbitrary commands as
the user running gdb by placing a malicious .gdbinit file in a location
where gdb may be run. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-1705 to this issue.
All users of gdb should upgrade to this updated package, which contains
backported patches that resolve these issues.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux AS (Advanced Server) version 2.1
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:2.1::as
|
— |
Vendor Fix
fix
|
|
Red Hat Enterprise Linux ES version 2.1
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:2.1::es
|
— |
Vendor Fix
fix
|
|
Red Hat Enterprise Linux WS version 2.1
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:2.1::ws
|
— |
Vendor Fix
fix
|
|
Red Hat Linux Advanced Workstation 2.1
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:2.1::aw
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux AS (Advanced Server) version 2.1
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:2.1::as
|
— |
Vendor Fix
fix
|
|
Red Hat Enterprise Linux ES version 2.1
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:2.1::es
|
— |
Vendor Fix
fix
|
|
Red Hat Enterprise Linux WS version 2.1
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:2.1::ws
|
— |
Vendor Fix
fix
|
|
Red Hat Linux Advanced Workstation 2.1
Red Hat / Red Hat Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:2.1::aw
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated gdb package that fixes minor security issues is now available.\n\nThis update has been rated as having low security impact by the Red Hat\nSecurity Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "GDB, the GNU debugger, allows debugging of programs written in C, C++, and\nother languages by executing them in a controlled fashion, then printing\ntheir data.\n\nSeveral integer overflow bugs were found in gdb. If a user is tricked into\nprocessing a specially crafted executable file, it may allow the execution\nof arbitrary code as the user running gdb. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CAN-2005-1704 to\nthis issue.\n\nA bug was found in the way gdb loads .gdbinit files. When a user executes\ngdb, the local directory is searched for a .gdbinit file which is then\nloaded. It is possible for a local user to execute arbitrary commands as\nthe user running gdb by placing a malicious .gdbinit file in a location\nwhere gdb may be run. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CAN-2005-1705 to this issue.\n\nAll users of gdb should upgrade to this updated package, which contains\nbackported patches that resolve these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2005:801",
"url": "https://access.redhat.com/errata/RHSA-2005:801"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "169905",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=169905"
},
{
"category": "external",
"summary": "169906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=169906"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2005/rhsa-2005_801.json"
}
],
"title": "Red Hat Security Advisory: gdb security update",
"tracking": {
"current_release_date": "2024-11-21T23:56:31+00:00",
"generator": {
"date": "2024-11-21T23:56:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2005:801",
"initial_release_date": "2005-10-18T15:38:00+00:00",
"revision_history": [
{
"date": "2005-10-18T15:38:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2005-10-18T00:00:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-21T23:56:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product": {
"name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_id": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Linux Advanced Workstation 2.1",
"product": {
"name": "Red Hat Linux Advanced Workstation 2.1",
"product_id": "Red Hat Linux Advanced Workstation 2.1",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::aw"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 2.1",
"product": {
"name": "Red Hat Enterprise Linux ES version 2.1",
"product_id": "Red Hat Enterprise Linux ES version 2.1",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 2.1",
"product": {
"name": "Red Hat Enterprise Linux WS version 2.1",
"product_id": "Red Hat Enterprise Linux WS version 2.1",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:2.1::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2005-1704",
"discovery_date": "2005-05-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617660"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1",
"Red Hat Linux Advanced Workstation 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-1704"
},
{
"category": "external",
"summary": "RHBZ#1617660",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617660"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-1704",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-1704"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-1704",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-1704"
}
],
"release_date": "2005-05-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-10-18T15:38:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1",
"Red Hat Linux Advanced Workstation 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:801"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
},
{
"cve": "CVE-2005-1705",
"discovery_date": "2005-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1617661"
}
],
"notes": [
{
"category": "description",
"text": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1",
"Red Hat Linux Advanced Workstation 2.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2005-1705"
},
{
"category": "external",
"summary": "RHBZ#1617661",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617661"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2005-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-1705"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-1705",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2005-1705"
}
],
"release_date": "2005-05-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2005-10-18T15:38:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. To use Red Hat Network,\nlaunch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
"product_ids": [
"Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
"Red Hat Enterprise Linux ES version 2.1",
"Red Hat Enterprise Linux WS version 2.1",
"Red Hat Linux Advanced Workstation 2.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2005:801"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…