Format string vulnerability in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, allows local users to execute arbitrary code via format string specifiers in a command line argument.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Bru | Tolis_group | * | 17.0 (including) |