Difference between revisions of "OWASP Periodic Table of Vulnerabilities - LDAP Injection"
(Created page with "Return to Periodic Table Working View == LDAP Injection == === Root Cause Summary === LDAP quer...")
Latest revision as of 21:57, 22 July 2013
Root Cause Summary
LDAP queries are formed using dynamic data without performing proper encoding, allowing the data to change the functional meaning of the query.
Browser / Standards Solution
Generic Framework Solution
The framework should provide safe libraries for interacting with LDAP servers which automatically encode unsafe data. The framework should not allow application code to directly interact with LDAP servers.
Custom Framework Solution
Custom Code Solution
Discussion / Controversy