CVE-2003-0584
published 2003-08-18CVE-2003-0584: Format string vulnerability in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, allows local users to execute arbitrary code…
PriorityP425high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
1.04%
59.7th percentile
Format string vulnerability in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, allows local users to execute arbitrary code via format string specifiers in a command line argument.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tolis_group | bru | <= 17.0 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Tolis Group BRU 17.0 - Local Privilege Escalation (1)
exploitdb·2003-07-16
CVE-2003-0584 Tolis Group BRU 17.0 - Local Privilege Escalation (1)
Tolis Group BRU 17.0 - Local Privilege Escalation (1)
---
// source: https://www.securityfocus.com/bid/8215/info
It has been reported that BRU may not properly parse commandline arguments, potentially leading to at least two vectors of exploitation. It may be possible for local attackers to conduct format string-based attacks as well as buffer overflow-based attacks.
It should be noted that although BRU does not ship with the suid bit set by default, documentation within the software may instruct users to enable it.
/** EST BRU(TM) Backup and Restore Utility Local Root Exploit
**
** By: [email protected]
**
** Simple Stack overflow Wont say any more :P
**
** Linux & FreeBsd Targets
**
** Greetz: sam,flatline,v0id,#!l33tsecurity@efnet,KF,b0iler,schlumpf,kokanin,DSR
**
** Public R
Exploit-DB
Tolis Group BRU 17.0 - Local Privilege Escalation (2)
exploitdb·2003-07-16
CVE-2003-0584 Tolis Group BRU 17.0 - Local Privilege Escalation (2)
Tolis Group BRU 17.0 - Local Privilege Escalation (2)
---
// source: https://www.securityfocus.com/bid/8215/info
It has been reported that BRU may not properly parse commandline arguments, potentially leading to at least two vectors of exploitation. It may be possible for local attackers to conduct format string-based attacks as well as buffer overflow-based attacks.
It should be noted that although BRU does not ship with the suid bit set by default, documentation within the software may instruct users to enable it.
/*
* bru--format--root-expolit::^^)
*
* coded by nic
*
* (c) 0x333 Outsiders Security Labs / www.0x333.org
* test in redhat 8.0
* bash-2.05b$ ls -al bru
* -rws--x--x 1 root bin 165836 11æ29 1999 bru
* bash-2.05b$ id
* uid=37(rpm) gid=37(rpm) groups=37(rpm)
* bash-2.05b$ ./
No writeups or analysis indexed.
2003-08-18
Published