Improper Argument Order in SQLWriteFileDSN Function in unixODBC 2.3.5

Improper Argument Order in SQLWriteFileDSN Function in unixODBC 2.3.5

CVE-2018-7485 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.