Re: [VulnWatch] sastcpd Buffer Overflow and Format String Vulnerabilities

From: William D. Colburn (aka Schlake) (wcolburnat_private)
Date: Tue Jan 29 2002 - 09:54:57 PST

Next message: elliptic: "Re: sastcpd Buffer Overflow and Format String Vulnerabilities"

Previous message: Cabezon Aurélien: "Xoops SQL fragment disclosure and SQL injection vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I installed SAS without any suid bits May of 2000, and no one has
complained about anything not working.  Removing the suid bit probably
won't hurt anything.

Also, my version is 8.00 and seems only to have the format string
problem, not the buffer overflow.

On Tue, Jan 29, 2002 at 09:59:41AM +0000, Wodahs Latigid wrote:
> IMPACT
> 
> sastcpd is installed setuid root by default, and therefore
> full root privileges can be obtained through exploitation
> of either of these vulnerabilities.

> Version tested:
> SAS Job Spawner for Open Systems version 8.01

--
William Colburn, "Sysprog" <wcolburnat_private>
Computer Center, New Mexico Institute of Mining and Technology
http://www.nmt.edu/tcc/     http://www.nmt.edu/~wcolburn

Next message: elliptic: "Re: sastcpd Buffer Overflow and Format String Vulnerabilities"
Previous message: Cabezon Aurélien: "Xoops SQL fragment disclosure and SQL injection vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jan 29 2002 - 10:10:07 PST