SAMATE Logo NIST Logo The SAMATE Project Department of Homeland Security
Downloads:  Download this Test Case #123314

Back to the previous page... Back to the previous page

Test Case IDAccepted123314
Bad / Good / MixedMixedMixed test case
AuthorNSA/Center for Assured Software
Test suite: 108  86  
Added byCharles Oliveira
Type of test caseSource Code
Input string
Expected Output
Submission date2013-05-21
DescriptionCWE: 90 LDAP Injection
BadSource: listen_socket Read data using a listen socket (server side)
GoodSource: Use a fixed string
BadSink : data concatenated into LDAP search, which could result in LDAP Injection
Flow Variant: 63 Data flow: pointer to data passed from one function to another in different source files

There are no comments
Have any comments on this test case? Please, .

File Contains:
CWE-090: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') on line(s): 69