« IntelDatasetRejected:test » : différence entre les versions
Aller à la navigation
Aller à la recherche
Aucun résumé des modifications |
Aucun résumé des modifications |
||
(4 versions intermédiaires par le même utilisateur non affichées) | |||
Ligne 29 : | Ligne 29 : | ||
"author": "korigan",<br /> | "author": "korigan",<br /> | ||
"comment": "test"<br /> | "comment": "test"<br /> | ||
},<br /> | |||
{<br /> | |||
"description": "./srclib/apr/file_io/netware/filestat.c:136:\u00a0 [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.<nowiki></nowiki>",<br /> | |||
"author": "korigan",<br /> | |||
"comment": "dd"<br /> | |||
},<br /> | |||
{<br /> | |||
"description": "./os/unix/unixd.c:265:\u00a0 [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.<nowiki></nowiki>",<br /> | |||
"author": "korigan",<br /> | |||
"comment": "ss"<br /> | |||
},<br /> | |||
{<br /> | |||
"description": "./srclib/apr/threadproc/win32/proc.c:297:\u00a0 [5] (misc) SetSecurityDescriptorDacl: Never create NULL ACLs; an attacker can set it to Everyone (Deny All Access), which would even forbid administrator access (CWE-732).<nowiki></nowiki>",<br /> | |||
"author": "korigan",<br /> | |||
"comment": "ss"<br /> | |||
},<br /> | |||
{<br /> | |||
"description": "./srclib/apr/file_io/unix/filestat.c:179:\u00a0 [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.<nowiki></nowiki>",<br /> | |||
"author": "korigan",<br /> | |||
"comment": "ss"<br /> | |||
},<br /> | |||
{<br /> | |||
"description": "./include/http_log.h:459:\u00a0 [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.<nowiki></nowiki>",<br /> | |||
"author": "korigan",<br /> | |||
"comment": "ss"<br /> | |||
}<br /> | }<br /> | ||
] | ] |
Dernière version du 10 septembre 2024 à 19:08
[
{
"description": "./pcap_sniffer.c:55: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.",
"comment": "ko"
},
{
"description": "./pcap_sniffer.c:59: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.",
"comment": "koko"
},
{
"description": "./pcap_sniffer.c:47: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \\0-terminate or check for invalid pointers [MS-banned] (CWE-120).",
"comment": "non"
},
{
"description": null,
"comment": "nok"
},
{
"description": "./pcap_sniffer.c:71: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings.",
"comment": "nok"
},
{
"description": "./modules/md/mod_md_os.c:43:\u00a0 [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.",
"author": "korigan",
"comment": "rejected test"
},
{
"description": "./modules/generators/mod_cgid.c:659:\u00a0 [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.",
"author": "korigan",
"comment": "test"
},
{
"description": "./srclib/apr/file_io/netware/filestat.c:136:\u00a0 [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.",
"author": "korigan",
"comment": "dd"
},
{
"description": "./os/unix/unixd.c:265:\u00a0 [5] (race) chown: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.",
"author": "korigan",
"comment": "ss"
},
{
"description": "./srclib/apr/threadproc/win32/proc.c:297:\u00a0 [5] (misc) SetSecurityDescriptorDacl: Never create NULL ACLs; an attacker can set it to Everyone (Deny All Access), which would even forbid administrator access (CWE-732).",
"author": "korigan",
"comment": "ss"
},
{
"description": "./srclib/apr/file_io/unix/filestat.c:179:\u00a0 [5] (race) chmod: This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchmod( ) instead.",
"author": "korigan",
"comment": "ss"
},
{
"description": "./include/http_log.h:459:\u00a0 [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.",
"author": "korigan",
"comment": "ss"
}
]