This CPE summary could be partial or incomplete. Please contact us for a detailed listing.


Vendor Sas First view 2002-12-31
Product Base Last view 2002-12-31
Version 8.0 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
CPE Product cpe:2.3:a:sas:base

Activity : Overall

Related : CVE

  Date Alert Description
7.2 2002-12-31 CVE-2002-2018

sastcpd in SAS/Base 8.0 might allow local users to gain privileges by setting the netencralg environment variable, which causes a segmentation fault.

10 2002-12-31 CVE-2002-2017

sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code by setting the authprog environment variable to reference a malicious program, which is then executed by sastcpd.

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-38 Leveraging/Manipulating Configuration File Search Paths

Open Source Vulnerability Database (OSVDB)

id Description
60022 SAS/Base sastcpd authprog Environment Variable Subversion Arbitrary Code Exec...
60021 SAS/Base sastcpd netencralg Environment Variable Local Privilege Escalation