CVE-2012-2658

** DISPUTED ** Buffer overflow in the SQLDriverConnect function in unixODBC 2.3.1 allows local users to cause a denial of service (crash) via a long string in the DRIVER option. NOTE: this issue might not be a vulnerability, since the ability to set this option typically implies that the attacker already has legitimate access to cause a DoS or execute code, and therefore the issue would not cross privilege boundaries. There may be limited attack scenarios if isql command-line options are exposed to an attacker, although it seems likely that other, more serious issues would also be exposed, and this issue might not cross privilege boundaries in that context.

CVSS v2.0 2.1 LOW

2.1^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.openwall.com/lists/oss-security/2012/05/29/10
http://www.openwall.com/lists/oss-security/2012/05/29/7
http://www.openwall.com/lists/oss-security/2012/05/30/7
http://www.openwall.com/lists/oss-security/2012/05/31/2
http://www.openwall.com/lists/oss-security/2012/06/06/3
http://www.osvdb.org/82460
http://www.securityfocus.com/bid/53712
https://exchange.xforce.ibmcloud.com/vulnerabilities/75940

Configurations

Configuration 1 (hide)

cpe:2.3:a:unixodbc:unixodbc:2.3.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2012-08-31 18:55

Updated : 2024-08-06 20:15

NVD link : CVE-2012-2658

Mitre link : CVE-2012-2658

CVE.ORG link : CVE-2012-2658

JSON object : View

Products Affected

unixodbc

unixodbc

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

{"id": "CVE-2012-2658", "cveTags": [{"tags": ["disputed"], "sourceIdentifier": "secalert@redhat.com"}], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-08-31T18:55:01.137", "references": [{"url": "http://www.openwall.com/lists/oss-security/2012/05/29/10", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2012/05/29/7", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2012/05/30/7", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2012/05/31/2", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2012/06/06/3", "source": "secalert@redhat.com"}, {"url": "http://www.osvdb.org/82460", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/53712", "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75940", "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in the SQLDriverConnect function in unixODBC 2.3.1 allows local users to cause a denial of service (crash) via a long string in the DRIVER option. NOTE: this issue might not be a vulnerability, since the ability to set this option typically implies that the attacker already has legitimate access to cause a DoS or execute code, and therefore the issue would not cross privilege boundaries. There may be limited attack scenarios if isql command-line options are exposed to an attacker, although it seems likely that other, more serious issues would also be exposed, and this issue might not cross privilege boundaries in that context."}, {"lang": "es", "value": "** EN DISPUTA ** Desbordamiento de b\u00fafer en la funci\u00f3n SQLDriverConnect en unixODBC v2.3.1 permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de una cadena larga en la opci\u00f3n 'DRIVER'. NOTA: este problema puede no ser una vulnerabilidad, ya que la capacidad de establecer esta opci\u00f3n suele implicar que el atacante ya tiene acceso leg\u00edtimo para causar una denegaci\u00f3n de servicio o ejecutar c\u00f3digo, y por lo tanto el problema no ser\u00eda con los privilegios. Puede haber escenarios limitados de ataque si las opciones de la l\u00ednea de comandos isql est\u00e1n expuestos a un atacante, aunque parece probable que otros asuntos m\u00e1s graves tambi\u00e9n se ver\u00edan expuestos, y este problema no puede cruzar los l\u00edmites de privilegio en ese contexto.\r\n"}], "lastModified": "2024-08-06T20:15:27.603", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:unixodbc:unixodbc:2.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F534A85-7BFF-43BB-8CC1-F7D197AD2343"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}