hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-27 17:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
55ffdb4aa144efc2f4cfd36f6680444fbfb6bdee
codeql/python/ql/test/experimental/query-tests/Security/CWE-285/PamAuthorization.qlref
Porcupiney Hairs 92033047a5 Python : Add query to detect PAM authorization bypass 
Using only a call to `pam_authenticate` to check the validity of a login can
lead to authorization bypass vulnerabilities. A `pam_authenticate` only
verifies the credentials of a user. It does not check if a user has an
appropriate authorization to actually login. This means a user with a
expired login or a password can still access the system.

This PR includes a qhelp describing the issue, a query which detects instances where a call to
`pam_acc_mgmt` does not follow a call to `pam_authenticate` and it's
corresponding tests.

This PR has multiple detections. Some of the public one I can find are :
* [CVE-2022-0860](https://nvd.nist.gov/vuln/detail/CVE-2022-0860) found
in [cobbler/cobbler](https://www.github.com/cobbler/cobbler)
* [fredhutch/motuz](https://www.huntr.dev/bounties/d46f91ca-b8ef-4b67-a79a-2420c4c6d52b/)
2022-03-30 00:47:58 +05:30

2 lines
50 B
Plaintext
Raw Blame History

experimental/Security/CWE-285/PamAuthorization.ql
Reference in New Issue View Git Blame Copy Permalink