Red Hat Bugzilla – Bug 684036
CVE-2011-1145 unixODBC: possible buffer overrun in SQLDriverConnect()
Last modified: 2011-03-24 16:18:16 EDT
It was reported  that a possible buffer overrun flaw exists in unixODBC's SQLDriverConnect() function. A large value for the SAVEFILE parameter in the connection string could trigger this, resulting in a crash. SecurityFocus claims this may also lead to the execution of arbitrary code as the user running the application using unixODBC . This has been corrected upstream .
This is just a DoS for us on RHEL5+. It's a stack buffer that gets overflowed, which will be caught by stack protector. I would suggest we wontfix this on those platforms.
We should also probably wontfix this on RHEL4, it's certainly a low severity issue since you have to connect to a malicious server (which isn't very likely), and RHEL4 is near the end of its life. We have more important issues to invest our time in.
The Red Hat Security Response Team has rated this issue as having low security impact. We do not currently plan to fix this flaw. If more information becomes available at a future date, we may revisit the issue.