Bug 826263 (CVE-2012-2658) - CVE-2012-2658 unixodbc: buffer overflow due to improper checking of DRIVER= input
Summary: CVE-2012-2658 unixodbc: buffer overflow due to improper checking of DRIVER= i...
Alias: CVE-2012-2658
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On:
Blocks: 826265
TreeView+ depends on / blocked
Reported: 2012-05-29 21:31 UTC by Vincent Danen
Modified: 2021-02-23 14:39 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2012-05-30 21:23:00 UTC

Attachments (Terms of Use)

Description Vincent Danen 2012-05-29 21:31:58 UTC
It was reported that the unixODBC library does not properly check the input from the DRIVER= option in the DSN, which could cause a buffer overflow when passed to the SQLDriverConnect() function.  The vulnerable versions are reported as being >= 2.3.1.

This has not been corrected upstream as of yet.

Comment 1 Vincent Danen 2012-05-29 21:35:54 UTC
The original report to oss-security is here:


Comment 3 Vincent Danen 2012-05-30 21:23:00 UTC
The DSN can only be supplied from a trusted environment, such as a configuration file or in a script written by the author (such as a PHP script).  The DSN should never come from an untrusted source (such as user input) in these cases.  The isql tool allows a user to supply an arbitrary DSN, but the end result there is the termination of the isql tool itself.


Red Hat does not consider a user assisted client crash such as this to be a security flaw.

Note You need to log in before you can comment on or make changes to this bug.