Bugtraq mailing list archives

Re: [VulnWatch] sastcpd Buffer Overflow and Format String Vulnerabilities

From: "William D. Colburn (aka Schlake)" <wcolburn () nmt edu>
Date: Tue, 29 Jan 2002 10:54:57 -0700

I installed SAS without any suid bits May of 2000, and no one has
complained about anything not working.  Removing the suid bit probably
won't hurt anything.

Also, my version is 8.00 and seems only to have the format string
problem, not the buffer overflow.

On Tue, Jan 29, 2002 at 09:59:41AM +0000, Wodahs Latigid wrote:

IMPACT

sastcpd is installed setuid root by default, and therefore
full root privileges can be obtained through exploitation
of either of these vulnerabilities.

Version tested:
SAS Job Spawner for Open Systems version 8.01



--
William Colburn, "Sysprog" <wcolburn () nmt edu>
Computer Center, New Mexico Institute of Mining and Technology
http://www.nmt.edu/tcc/     http://www.nmt.edu/~wcolburn

Current thread:

Re: sastcpd Buffer Overflow and Format String Vulnerabilities elliptic (Jan 29)
- <Possible follow-ups>
- sastcpd Buffer Overflow and Format String Vulnerabilities Wodahs Latigid (Jan 29)
  - Re: [VulnWatch] sastcpd Buffer Overflow and Format String Vulnerabilities William D. Colburn (aka Schlake) (Jan 29)