oss-sec mailing list archives

Re: CVE id request: Multiple buffer overflow in unixODBC

From: Tomas Hoger <thoger () redhat com>
Date: Wed, 30 May 2012 10:07:02 +0200

On Tue, 29 May 2012 09:42:42 -0300 Felipe Pena wrote:

Multiple buffer overflow in unixODBC
===========================

The library unixODBC doesn't check properly the input from FILEDSN=,
DRIVER= options in the DSN, which causes buffer overflow when passed
to the SQLDriverConnect() function.


Reports like this - covering bugs in parsing of the configuration
parameters (i.e. generally trusted input) - should include some
reasoning why these should be considered security.  Nothing obvious not
intended to break PHP safe_mode comes to mind.

-- 
Tomas Hoger / Red Hat Security Response Team

Current thread:

CVE id request: Multiple buffer overflow in unixODBC Felipe Pena (May 29)
- Re: CVE id request: Multiple buffer overflow in unixODBC Kurt Seifried (May 29)
- Re: CVE id request: Multiple buffer overflow in unixODBC Tomas Hoger (May 30)
  - Re: CVE id request: Multiple buffer overflow in unixODBC Henri Salo (May 30)
  - Re: CVE id request: Multiple buffer overflow in unixODBC Kurt Seifried (May 30)
    - Re: CVE id request: Multiple buffer overflow in unixODBC Felipe Pena (May 30)
    - Re: CVE id request: Multiple buffer overflow in unixODBC Kurt Seifried (May 30)
    - Re: CVE id request: Multiple buffer overflow in unixODBC Felipe Pena (May 30)
    - Re: CVE id request: Multiple buffer overflow in unixODBC Tomas Hoger (May 31)
    - Re: CVE id request: Multiple buffer overflow in unixODBC Kurt Seifried (Jun 05)