CVE-2002-0210
published 2002-05-16CVE-2002-0210: setlicense for TOLIS Group Backup and Restore Utility (BRU) 17.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/brutest.$$…
PriorityP419high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
0.89%
54.8th percentile
setlicense for TOLIS Group Backup and Restore Utility (BRU) 17.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/brutest.$$ temporary file.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tolis_group | bru | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-q3gg-6xjx-jwjm: setlicense for TOLIS Group Backup and Restore Utility (BRU) 17
ghsa_unreviewed·2022-04-30
CVE-2002-0210 [HIGH] GHSA-q3gg-6xjx-jwjm: setlicense for TOLIS Group Backup and Restore Utility (BRU) 17
setlicense for TOLIS Group Backup and Restore Utility (BRU) 17.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/brutest.$$ temporary file.
Cisco
Cisco Secure Access Control Server for Windows Admin Buffer Overflow Vulnerability
vendor_cisco·2003-04-23
Cisco Secure Access Control Server for Windows Admin Buffer Overflow Vulnerability
Cisco Secure Access Control Server for Windows Admin Buffer Overflow Vulnerability
Cisco Secure ACS for Windows is vulnerable to a buffer overflow on the administration
service which runs on TCP port 2002. Exploitation of this vulnerability results
in a Denial of Service, and can potentially result in system administrator access.
Cisco is providing repaired software, and customers are recommended to install
patches or upgrade at their earliest opportunity. Workarounds can be implemented,
and consist of blocking external access to port 2002 on the ACS.
This issue is documented in Cisco Bug ID CSCea51366. This issue is also being
referenced in the Mitre CVE as CAN-2003-0210.
This advisory is available at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-
No detection rules found.
No writeups or analysis indexed.
2002-05-16
Published