SAMATE Logo NIST Logo The SAMATE Project Department of Homeland Security
Downloads:  Download this Test Case #123309

Back to the previous page... Back to the previous page

Test Case IDAccepted123309
Bad / Good / MixedMixedMixed test case
AuthorNSA/Center for Assured Software
Associations
Test suite: 108  86  
Added byCharles Oliveira
LanguageC
Type of test caseSource Code
Input string
Expected Output
Instructions
Submission date2013-05-21
DescriptionCWE: 90 LDAP Injection
BadSource: listen_socket Read data using a listen socket (server side)
GoodSource: Use a fixed string
Sink:
BadSink : data concatenated into LDAP search, which could result in LDAP Injection
Flow Variant: 52 Data flow: data passed as an argument from one function to another to another in three different source files
File(s)
Flaw

There are no comments
Have any comments on this test case? Please, .


					
				
File Contains:
CWE-090: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') on line(s): 70