« IntelDatasetRejected:test » : différence entre les versions

De HackBBS
Aller à la navigation Aller à la recherche
HackBBS (discussion | contributions)
Aucun résumé des modifications
HackBBS (discussion | contributions)
Aucun résumé des modifications
 
(5 versions intermédiaires par le même utilisateur non affichées)
Ligne 24 : Ligne 24 :
         "author": "korigan",<br />
         "author": "korigan",<br />
         "comment": "rejected test"<br />
         "comment": "rejected test"<br />
    },<br />
    {<br />
        "description": "./modules/generators/mod_cgid.c:659:\u00a0 [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.<nowiki></nowiki>",<br />
        "author": "korigan",<br />
        "comment": "test"<br />
    },<br />
    {<br />
        "description": "./srclib/apr/file_io/netware/filestat.c:136:\u00a0 [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.<nowiki></nowiki>",<br />
        "author": "korigan",<br />
        "comment": "dd"<br />
    },<br />
    {<br />
        "description": "./os/unix/unixd.c:265:\u00a0 [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.<nowiki></nowiki>",<br />
        "author": "korigan",<br />
        "comment": "ss"<br />
    },<br />
    {<br />
        "description": "./srclib/apr/threadproc/win32/proc.c:297:\u00a0 [5] (misc) SetSecurityDescriptorDacl: Never create NULL ACLs; an attacker can set it to Everyone (Deny All Access), which would even forbid administrator access (CWE-732).<nowiki></nowiki>",<br />
        "author": "korigan",<br />
        "comment": "ss"<br />
    },<br />
    {<br />
        "description": "./srclib/apr/file_io/unix/filestat.c:179:\u00a0 [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.<nowiki></nowiki>",<br />
        "author": "korigan",<br />
        "comment": "ss"<br />
    },<br />
    {<br />
        "description": "./include/http_log.h:459:\u00a0 [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.<nowiki></nowiki>",<br />
        "author": "korigan",<br />
        "comment": "ss"<br />
     }<br />
     }<br />
]
]

Dernière version du 10 septembre 2024 à 19:08

[

   {
"description": "./pcap_sniffer.c:55: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.",
"comment": "ko"
},
{
"description": "./pcap_sniffer.c:59: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.",
"comment": "koko"
},
{
"description": "./pcap_sniffer.c:47: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \\0-terminate or check for invalid pointers [MS-banned] (CWE-120).",
"comment": "non"
},
{
"description": null,
"comment": "nok"
},
{
"description": "./pcap_sniffer.c:71: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.",
"comment": "nok"
},
{
"description": "./modules/md/mod_md_os.c:43:\u00a0 [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.",
"author": "korigan",
"comment": "rejected test"
},
{
"description": "./modules/generators/mod_cgid.c:659:\u00a0 [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.",
"author": "korigan",
"comment": "test"
},
{
"description": "./srclib/apr/file_io/netware/filestat.c:136:\u00a0 [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.",
"author": "korigan",
"comment": "dd"
},
{
"description": "./os/unix/unixd.c:265:\u00a0 [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.",
"author": "korigan",
"comment": "ss"
},
{
"description": "./srclib/apr/threadproc/win32/proc.c:297:\u00a0 [5] (misc) SetSecurityDescriptorDacl: Never create NULL ACLs; an attacker can set it to Everyone (Deny All Access), which would even forbid administrator access (CWE-732).",
"author": "korigan",
"comment": "ss"
},
{
"description": "./srclib/apr/file_io/unix/filestat.c:179:\u00a0 [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.",
"author": "korigan",
"comment": "ss"
},
{
"description": "./include/http_log.h:459:\u00a0 [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.",
"author": "korigan",
"comment": "ss"
}

]