This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Sas First view 2002-12-31
Product Base Last view 2002-12-31
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:sas:base:8.0:*:*:*:*:*:*:* 2

Related : CVE

  Date Alert Description
7.2 2002-12-31 CVE-2002-2018

sastcpd in SAS/Base 8.0 might allow local users to gain privileges by setting the netencralg environment variable, which causes a segmentation fault.

10 2002-12-31 CVE-2002-2017

sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code by setting the authprog environment variable to reference a malicious program, which is then executed by sastcpd.

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-38 Leveraging/Manipulating Configuration File Search Paths

Open Source Vulnerability Database (OSVDB)

id Description
60022 SAS/Base sastcpd authprog Environment Variable Subversion Arbitrary Code Exec...
60021 SAS/Base sastcpd netencralg Environment Variable Local Privilege Escalation