Porcupiney Hairs db231a111c
Python : Improve the PAM authentication bypass query ...
The current PAM auth bypass query which was contributed by me a few months back, alert on a vulenrable function but does not check if the function is actually function. This leads to a lot of fasle positives.
With this PR, I add a taint-tracking configuration to check if the username parameter can actually be supplied by an attacker.
This should bring the FP's significantly down.
2022-11-19 01:29:25 +05:30
2021-02-23 16:01:24 +01:00
2022-10-03 20:35:49 +02:00
2022-03-18 16:31:22 +01:00
2022-10-07 22:31:00 +02:00
2022-07-12 16:02:46 +02:00
2022-10-11 10:49:19 +02:00
2022-10-07 11:23:34 +02:00
2022-10-11 10:49:19 +02:00
2022-10-11 10:49:19 +02:00
2022-09-29 18:05:51 +02:00
2022-10-11 10:49:19 +02:00
2022-10-07 11:23:34 +02:00
2022-10-11 10:49:19 +02:00
2022-10-11 10:49:19 +02:00
2022-09-30 10:37:52 +01:00
2022-10-11 10:49:19 +02:00
2022-10-11 13:59:10 +02:00
2022-10-04 20:39:08 +02:00
2022-11-19 01:29:25 +05:30
2021-02-24 10:12:45 +01:00
2022-10-07 22:31:00 +02:00
2022-10-07 22:31:00 +02:00
2022-10-07 22:31:00 +02:00
2022-10-07 22:31:00 +02:00
2021-07-19 16:54:34 +02:00
2022-05-13 16:32:36 +01:00
2021-07-19 16:56:07 +02:00
2022-10-07 11:23:34 +02:00
2022-09-06 12:01:24 +02:00
2021-07-19 16:54:34 +02:00
2022-10-11 10:49:19 +02:00
2022-10-11 10:49:19 +02:00
2022-10-11 10:49:19 +02:00
2022-10-11 10:49:19 +02:00
2022-11-07 14:31:52 +01:00
2022-11-07 14:31:52 +01:00
2022-10-11 10:49:19 +02:00
2022-09-29 18:05:51 +02:00
2022-10-11 10:49:19 +02:00
2022-10-07 22:31:00 +02:00
2022-10-11 10:49:19 +02:00
2020-07-21 18:01:27 +05:30
db231a111c