tag 675058 -security
severity 675058 normal
thanks
On Wed, May 30, 2012 at 09:34:34AM -0700, Steve Langasek wrote:
> On Tue, May 29, 2012 at 06:40:35PM +0300, Henri Salo wrote:
> > Package: unixodbc
> > Version: 2.2.14p2-1
> > Severity: important
> > Tags: security
>
> > From Felipe Pena in [oss-security] CVE id request: Multiple buffer overflow
> > in unixODBC:
> > """
> > Multiple buffer overflow in unixODBC
> > ===========================
>
> > The library unixODBC doesn't check properly the input from FILEDSN=,
> > DRIVER= options in the DSN,
> > which causes buffer overflow when passed to the SQLDriverConnect() function.
>
> > The unixODBC maintainer has been notified about the issue.
>
> > Version affected
> > ============
>
> > FILEDSN= as of 2.0.10
> > DRIVER= as of 2.3.1
>
> What makes this a security bug? What is the attack vector for tricking a
> user into running an ODBC-enabled application with untrusted data in the
> FILEDSN or DRIVER variables?
These are only triggerable by trusted input, so not a security issue.
Cheers,
Moritz
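As an added example, not code from unixODBC or from anyone in this thread, the following C parser shows the bounded handling of connection-string options that the quoted report says was missing: each recognised value (DSN=, FILEDSN=, DRIVER=) is checked against the size of its destination field before it is copied, and an over-long value makes the parse fail rather than overflow. The field size VALUE_MAX, the struct layout and all function names are assumptions made for this example; the two demo inputs are constructed.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Assumed field size for this example; unixODBC's real limits differ. */
#define VALUE_MAX 64

/* Fields for the keywords the report names, plus DSN (assumed layout). */
struct conn_attrs {
    char dsn[VALUE_MAX];
    char filedsn[VALUE_MAX];
    char driver[VALUE_MAX];
};

/* Case-insensitive compare of a key of length klen against a keyword name. */
static int key_is(const char *key, size_t klen, const char *name)
{
    if (strlen(name) != klen)
        return 0;
    for (size_t i = 0; i < klen; i++)
        if (toupper((unsigned char)key[i]) != (unsigned char)name[i])
            return 0;
    return 1;
}

/* Copy n bytes into dst[cap] only if they fit together with the NUL. */
static int copy_bounded(char *dst, size_t cap, const char *src, size_t n)
{
    if (n >= cap)
        return -1;      /* would overflow: refuse instead of copying unchecked */
    memcpy(dst, src, n);
    dst[n] = '\0';
    return 0;
}

/* Parse "KEY=value;KEY=value" into out. Returns 0 on success, -1 if the
 * string is malformed or a recognised value exceeds its buffer. Unknown
 * keywords are skipped. */
int parse_conn_str(const char *conn_str, struct conn_attrs *out)
{
    const char *p = conn_str;
    memset(out, 0, sizeof *out);
    while (*p) {
        const char *eq = strchr(p, '=');
        if (eq == NULL)
            return -1;
        size_t klen = (size_t)(eq - p);
        const char *val = eq + 1;
        const char *semi = strchr(val, ';');
        size_t vlen = semi ? (size_t)(semi - val) : strlen(val);
        char *dst = NULL;
        if (key_is(p, klen, "DSN"))          dst = out->dsn;
        else if (key_is(p, klen, "FILEDSN")) dst = out->filedsn;
        else if (key_is(p, klen, "DRIVER"))  dst = out->driver;
        if (dst && copy_bounded(dst, VALUE_MAX, val, vlen) != 0)
            return -1;
        p = semi ? semi + 1 : val + vlen;
    }
    return 0;
}

/* Constructed input: a well-formed string is accepted and split correctly. */
int demo_accepts_valid(void)
{
    struct conn_attrs a;
    if (parse_conn_str("DSN=mydb;driver=Example Driver;UID=user", &a) != 0)
        return 0;
    return strcmp(a.dsn, "mydb") == 0 && strcmp(a.driver, "Example Driver") == 0
        && a.filedsn[0] == '\0';
}

/* Constructed input: a DRIVER= value longer than VALUE_MAX is rejected
 * instead of being written past the end of the field. */
int demo_rejects_overlong(void)
{
    char buf[VALUE_MAX * 4];
    struct conn_attrs a;
    memset(buf, 'A', sizeof buf);
    memcpy(buf, "DRIVER=", 7);
    buf[sizeof buf - 1] = '\0';
    return parse_conn_str(buf, &a) == -1;
}

int main(void)
{
    printf("valid accepted: %d\n", demo_accepts_valid());
    printf("overlong rejected: %d\n", demo_rejects_overlong());
    return 0;
}
```

The check lives in copy_bounded so every field goes through the same length test; rejecting rather than silently truncating keeps a too-long DRIVER= from turning into a different, shorter driver name.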