If any component requires that any of the recommended security flags not be set in libxml, the use case, as well as the controls in place to provide the required protection, must be reviewed and approved by the Platform Security Team before proceeding with the release of that component.
Including unvalidated data in an HTTP header allows an attacker to specify the entirety of the HTTP response rendered by the browser.
This could result in the execution of arbitrary commands, such as granting permissions to unauthorized queries, and in content modification inside the LDAP tree.
The same advanced exploitation techniques available in SQL injection can similarly be applied in LDAP injection.
Command injection is an attack whose goal is the execution of arbitrary commands on the host operating system via a vulnerable application.
When an HTTP request contains unexpected CR (carriage return, also given by %0d or \r) and LF (line feed, also given by %0a or \n) characters, the server may respond with an output stream that is interpreted as two different HTTP responses instead of one.
An attacker can control the second response and mount attacks such as cross-site scripting and cache poisoning.
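The splitting mechanism described above, as an added example that is not part of the original guideline: a deliberately minimal model of a server that writes a header value verbatim, showing how one CR/LF-tainted `Location` value becomes two responses, beside a check that rejects CR and LF before the value reaches a header. The response writer, header names and tainted value are constructed for illustration.

```python
"""Added example: HTTP response splitting via CR/LF in a header value,
and the validation that prevents it. Constructed model, not real server code."""
from typing import Dict

CRLF = "\r\n"


def render_response(status: str, headers: Dict[str, str], body: str) -> str:
    """Serialise a response exactly as given, with NO header validation.
    This models the vulnerable behaviour the guideline describes."""
    lines = [f"HTTP/1.1 {status}"]
    lines += [f"{name}: {value}" for name, value in headers.items()]
    return CRLF.join(lines) + CRLF + CRLF + body


def count_responses(stream: str) -> int:
    """Count how many response heads a client would parse from the stream."""
    return stream.count("HTTP/1.1 ")


def safe_header_value(value: str) -> str:
    """Reject any raw CR or LF. The raw characters are checked (not %0d/%0a)
    because URL decoding has already happened by the time a parameter is
    placed in a header, so the encoded forms arrive here as \\r and \\n."""
    if "\r" in value or "\n" in value:
        raise ValueError("CR/LF not allowed in HTTP header value")
    return value


def redirect_vulnerable(location: str) -> str:
    # Untrusted value copied straight into the Location header.
    return render_response("302 Found", {"Location": location}, "")


def redirect_hardened(location: str) -> str:
    # Same redirect, but the value is validated first.
    return render_response("302 Found", {"Location": safe_header_value(location)}, "")


# Constructed attacker-controlled parameter (already URL-decoded): it closes the
# first response with a blank line and appends a second, attacker-written one.
TAINTED = ("/home" + CRLF + "Content-Length: 0" + CRLF + CRLF
           + "HTTP/1.1 200 OK" + CRLF + "Content-Type: text/html" + CRLF
           + "Content-Length: 17" + CRLF + CRLF + "<h1>injected</h1>")

if __name__ == "__main__":
    print(count_responses(redirect_vulnerable(TAINTED)))  # 2: the response was split
    try:
        redirect_hardened(TAINTED)
    except ValueError as exc:
        print("rejected:", exc)
```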
Command injection attacks are possible largely due to insufficient input validation.
If any component requires user input to be appended to an OS command or to be interpreted as an OS command, the use case, as well as the controls in place to provide the required protection, must be reviewed and approved by the Platform Security Team before proceeding with the release of that component.
For example, the "Cryptographic Algorithms" section discusses general recommendations on selecting cryptographic algorithms, and sections such as "Security Related HTTP Headers" and "Securing Cookies" summarize prevention techniques that apply across multiple attacks.
The Platform Security Team should be informed, and approval obtained, before releasing such a component or transport implementation.
Including unvalidated data in log files allows an attacker to forge log entries or inject malicious content into the logs.
Command injection attacks are possible when an application passes unsafe user-supplied data (forms, cookies, HTTP headers, etc.) to a system shell.
In this attack, the attacker-supplied operating system commands are usually executed with the privileges of the vulnerable application.