Red Hat Bugzilla – Bug 826263
CVE-2012-2658 unixodbc: buffer overflow due to improper checking of DRIVER= input
Last modified: 2012-05-30 17:23:00 EDT
It was reported that the unixODBC library does not properly check the input from the DRIVER= option in the DSN, which could cause a buffer overflow when passed to the SQLDriverConnect() function. The vulnerable versions are reported as being >= 2.3.1.
This has not been corrected upstream as of yet.
The original report to oss-security is here:
The DSN can only be supplied from a trusted environment, such as a configuration file or in a script written by the author (such as a PHP script). The DSN should never come from an untrusted source (such as user input) in these cases. The isql tool allows a user to supply an arbitrary DSN, but the end result there is the termination of the isql tool itself.
Red Hat does not consider a user assisted client crash such as this to be a security flaw.