Bugtraq mailing list archives
Re: sastcpd Buffer Overflow and Format String Vulnerabilities
From: elliptic <elliptic@localhost.localdomain>
Date: Tue, 29 Jan 2002 10:54:38 -0700 (MST)
"SAS software provides the foundation, tools, and solutions for data analysis, report generation, and enterprise-wide information delivery." The "SAS Job Spawner", sastcpd, contains both a buffer overflow and a format string vulnerability. SAS Support say that these problems were fixed in version 8.2 of this product, but we are unable to confirm as we do not have access to this version.
This problem appears to be addressed by the following product note: http://www.sas.com/service/techsup/unotes/SN/004/004201.html Some additional information Digital Shadow neglected to include: sastcpd is part of the SAS/Base component. Although I neither work for SAS, nor do I use their product on a regular basis, I'd assume this means the scope of exposure is broad. Additionally, it appears that the objspawn program included with the SAS/Integration Technologies product is also vulnerable to these bugs. objspawn is also a setuid root executable by default. See the above link for more information. Cheers, ellipse
Current thread:
- Re: sastcpd Buffer Overflow and Format String Vulnerabilities elliptic (Jan 29)
- <Possible follow-ups>
- sastcpd Buffer Overflow and Format String Vulnerabilities Wodahs Latigid (Jan 29)
- Re: [VulnWatch] sastcpd Buffer Overflow and Format String Vulnerabilities William D. Colburn (aka Schlake) (Jan 29)