CVE-2003-0584

BRU < 17.0 - Local Format String Vulnerability via Command Line Argument

Title source: manual

Exploitation Summary

EIP tracks 2 public exploits for CVE-2003-0584. PoCs published by nic, DVDMAN.

AI-analyzed exploit summary: This exploit leverages a format string vulnerability in BRU (Backup and Restore Utility) to achieve local privilege escalation by overwriting memory addresses with crafted input. The shellcode spawns a root shell when executed.

Description

Format string vulnerability in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, allows local users to execute arbitrary code via format string specifiers in a command line argument.

Exploits (2)

exploitdb WORKING POC VERIFIED
by nic · clocalunix
https://www.exploit-db.com/exploits/22924

This exploit leverages a format string vulnerability in BRU (Backup and Restore Utility) to achieve local privilege escalation by overwriting memory addresses with crafted input. The shellcode spawns a root shell when executed.

Classification: Working PoC 95%
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: BRU (Backup and Restore Utility)
No auth needed
Prerequisites: BRU installed with suid bit set · Local access to the system
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by DVDMAN · clocalunix
https://www.exploit-db.com/exploits/22923

This exploit leverages a stack-based buffer overflow in EST BRU Backup and Restore Utility to achieve local privilege escalation. It targets both Linux and FreeBSD systems by overwriting the return address with a crafted payload containing shellcode.

Classification: Working PoC 90%
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: EST BRU Backup and Restore Utility
No auth needed
Prerequisites: Local access to the target system · BRU installed with suid bit set
devstral-2 · analyzed Feb 16, 2026

References (1)

Core References
Mailing List (mailing-list, x_refsource_bugtraq): http://marc.info/?l=bugtraq&m=105846288808846&w=2

Scores

EPSS 0.0104
EPSS Percentile 59.5%

Details

Status: published
Products (1): tolis_group/bru < 17.0
Published: Aug 18, 2003
Tracked Since: Feb 18, 2026