File tree Expand file tree Collapse file tree 1 file changed +3
-4
lines changed
python/ql/src/experimental/Security/CWE-287 Expand file tree Collapse file tree 1 file changed +3
-4
lines changed Original file line number Diff line number Diff line change 33 "qhelp.dtd">
44<qhelp >
55<overview >
6- <p >If an LDAP query is built using string concatenation or string formatting, and it doesn't carry any kind of authentication,
7- anonymous binds causes an empty or None-set password to result in a successful authentication.</p >
6+ <p >If an LDAP query doesn't carry any kind of authentication, anonymous binds causes an empty or None-set password
7+ to result in a successful authentication.</p >
88</overview >
99
1010<recommendation >
1111<p >Use a strong password while establishing a LDAP connection to execute a query a user controls.</p >
1212</recommendation >
1313
1414<example >
15- <p >In the following examples, the code accepts both <code >username</code > and <code >dc</code > from the user,
16- which it then uses to build a LDAP query and DN while the connection carries no authentication or binds anonymously.</p >
15+ <p >In the following examples, the code builds a LDAP query whose execution carries no authentication or binds anonymously.</p >
1716
1817<sample src =" examples/auth_bad_2.py"
1918<sample src =" examples/auth_bad_3.py"
You can’t perform that action at this time.
0 commit comments