• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

SAS SASTCPD Command Line Argument Buffer Overflow Vulnerability

Solution:
This problem has been fixed in version 8.2.

Patches available:


SAS Base 8.0

• SAS 82ba10ap.tar
  Tru64 Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/alx/82ba10a p.tar


• SAS 82ba10ar.tar
  AIX Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/r6x/82ba10a r.tar


• SAS 82ba10av.zip
  OpenVMS Alpha Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/alp/82ba10a v.zip


• SAS 82ba10cm.vmarc
  CMS Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/cms/82ba10c m.vmarc


• SAS 82ba10h6.tar
  HP-UX 64bit Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/h64/82ba10h 6.tar


• SAS 82ba10h8.tar
  HP-UX Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/h8x/82ba10h 8.tar


• SAS 82ba10ia.tar
  ABI+ Intel Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/iab/82ba10i a.tar


• SAS 82ba10lx.tar
  Linux Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/lnx/82ba10l x.tar


• SAS 82ba10o2.exe
  OS/2 Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/os2/82ba10o 2.exe


• SAS 82ba10os.exe
  OS/390 Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/mvs/82ba10o s.exe


• SAS 82ba10r6.tar
  AIX 64bit Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/r64/82ba10r 6.tar


• SAS 82ba10s2.tar
  Solaris Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/slx/82ba10s 2.tar


• SAS 82ba10s6.tar
  Solaris 64bit Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/s64/82ba10s 6.tar


• SAS 82ba10sg.tar
  IRIX Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/sgi/82ba10s g.tar


• SAS 82ba10vm.zip
  OpenVMS VAX Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/vax/82ba10v m.zip


• SAS 82ba10wn.exe
  Windows Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/win/82ba10w n.exe

SAS Base 8.1

• SAS 82ba10ap.tar
  Tru64 Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/alx/82ba10a p.tar


• SAS 82ba10ar.tar
  AIX Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/r6x/82ba10a r.tar


• SAS 82ba10av.zip
  OpenVMS Alpha Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/alp/82ba10a v.zip


• SAS 82ba10cm.vmarc
  CMS Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/cms/82ba10c m.vmarc


• SAS 82ba10h6.tar
  HP-UX 64bit Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/h64/82ba10h 6.tar


• SAS 82ba10h8.tar
  HP-UX Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/h8x/82ba10h 8.tar


• SAS 82ba10ia.tar
  ABI+ Intel Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/iab/82ba10i a.tar


• SAS 82ba10lx.tar
  Linux Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/lnx/82ba10l x.tar


• SAS 82ba10o2.exe
  OS/2 Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/os2/82ba10o 2.exe


• SAS 82ba10os.exe
  OS/390 Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/mvs/82ba10o s.exe


• SAS 82ba10r6.tar
  AIX 64bit Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/r64/82ba10r 6.tar


• SAS 82ba10s2.tar
  Solaris Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/slx/82ba10s 2.tar


• SAS 82ba10s6.tar
  Solaris 64bit Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/s64/82ba10s 6.tar


• SAS 82ba10sg.tar
  IRIX Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/sgi/82ba10s g.tar


• SAS 82ba10vm.zip
  OpenVMS VAX Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/vax/82ba10v m.zip


• SAS 82ba10wn.exe
  Windows Platform
  http://ftp.sas.com/techsup/download/hotfix/v82/base/82ba10/win/82ba10w n.exe