sastcpd in SAS/Base 8.0 might allow local users to gain privileges by setting the netencralg environment variable, which causes a segmentation fault.
Max CVSS
7.2
EPSS Score
0.04%
Published
2002-12-31
Updated
2008-09-05
sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code by setting the authprog environment variable to reference a malicious program, which is then executed by sastcpd.
Max CVSS
10.0
EPSS Score
0.17%
Published
2002-12-31
Updated
2008-09-05
2 vulnerabilities found