MiracleLinux 7 : unixODBC-2.3.1-14.el7 (AXSA:2019-4101:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4101:01 advisory. unixODBC: Buffer overflow in unicodetoansicopy can lead to crash or other unspecified impact CVE-2018-7409 unixODBC: Insecure buffer copy in...

EUVD-2018-19216

Malware in sbrugna...

RHEL 5 : unixodbc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - unixODBC: Insecure buffer copy in SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c CVE-2018-7485 -...

Moderate: Red Hat Security Advisory: unixODBC security update

An update for unixODBC is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

unixODBC: Insecure buffer copy in SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c

An argument order confusion flaw was found in the SQLWriteFileDSN API of unixODBC. This could only be exploited via a malicious ODBC database connector package with the maximum impact being a denial of service...

CVE-2018-7485

An argument order confusion flaw was found in the SQLWriteFileDSN API of unixODBC. This could only be exploited via a malicious ODBC database connector package with the maximum impact being a denial of service...

Huawei EulerOS: Security Advisory for unixODBC (EulerOS-SA-2019-2267)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : unixODBC (EulerOS-SA-2019-2494)

According to the versions of the unixODBC packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Install unixODBC if you want to access databases through ODBC.You will also need the mysql-connector-odbc package if you want to access a MySQ...

EulerOS 2.0 SP3 : unixODBC (EulerOS-SA-2019-2267)

According to the versions of the unixODBC packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In unixODBC before 2.3.5, there is a buffer overflow in the unicodetoansicopy function in DriverManager/info.c.CVE-2018-7409 - The...

NewStart CGSL CORE 5.04 / MAIN 5.04 : unixODBC Multiple Vulnerabilities (NS-SA-2019-0195)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has unixODBC packages installed that are affected by multiple vulnerabilities: - The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to...

Security update for unixODBC (moderate)

This update for unixODBC to version 2.3.6 fixes the following issues: - CVE-2018-7409: Buffer overflow in unicodetoansicopy was fixed in 2.3.5 bsc1082290 - CVE-2018-7485: Swapped arguments in SQLWriteFileDSN in odbcinst/SQLWriteFileDSN.c bsc1082484 Other fixes: - Enabled --enable-fastvalidate...

SUSE SLED12 / SLES12 Security Update : unixODBC (SUSE-SU-2018:1832-1)

This update for unixODBC to version 2.3.6 fixes the following issues : - CVE-2018-7409: Buffer overflow in unicodetoansicopy was fixed in 2.3.5 bsc1082290 - CVE-2018-7485: Swapped arguments in SQLWriteFileDSN in odbcinst/SQLWriteFileDSN.c bsc1082484 Other fixes : - Enabled --enable-fastvalidate...

CVE-2018-7485

The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact...

CVE-2018-7485

The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact...

Code injection

The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact...

CVE-2018-7485

The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact...

CVE-2018-7485

The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact...

CVE-2018-7485

The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact...

CVE-2018-7485

CVE-2018-7485 affects unixODBC up to version 2.3.5, where the SQLWriteFileDSN.c function uses strncpy with arguments in the wrong order. This can lead to a denial of service or unspecified impact. Public details in connected advisories indicate fixes/updates exist for unixODBC in affected distrib...