Merge pull request #88 from CMon/fix-typos

fix `LDAP sever` to `LDAP server`
Threagile · Jul 5, 2024 · 094d896 · 094d896
2 parents 985438a + 23a2fca
commit 094d896
Show file tree

Hide file tree

Showing 4 changed files with 4 additions and 4 deletions.
diff --git a/pkg/risks/builtin/ldap_injection_rule.go b/pkg/risks/builtin/ldap_injection_rule.go
@@ -21,7 +21,7 @@ func (*LdapInjectionRule) Category() *types.RiskCategory {
 		CheatSheet: "https://cheatsheetseries.owasp.org/cheatsheets/LDAP_Injection_Prevention_Cheat_Sheet.html",
 		Action:     "LDAP-Injection Prevention",
 		Mitigation: "Try to use libraries that properly encode LDAP meta characters in searches and queries to access " +
-			"the LDAP sever in order to stay safe from LDAP-Injection vulnerabilities. " +
+			"the LDAP server in order to stay safe from LDAP-Injection vulnerabilities. " +
 			"When a third-party product is used instead of custom developed software, check if the product applies the proper mitigation and ensure a reasonable patch-level.",
 		Check:          "Are recommendations from the linked cheat sheet and referenced ASVS chapter applied?",
 		Function:       types.Development,

diff --git a/test/all.json b/test/all.json
@@ -1215,7 +1215,7 @@
       "asvs": "V5 - Validation, Sanitization and Encoding Verification Requirements",
       "cheat_sheet": "https://cheatsheetseries.owasp.org/cheatsheets/LDAP_Injection_Prevention_Cheat_Sheet.html",
       "action": "LDAP-Injection Prevention",
-      "mitigation": "Try to use libraries that properly encode LDAP meta characters in searches and queries to access the LDAP sever in order to stay safe from LDAP-Injection vulnerabilities. When a third-party product is used instead of custom developed software, check if the product applies the proper mitigation and ensure a reasonable patch-level.",
+      "mitigation": "Try to use libraries that properly encode LDAP meta characters in searches and queries to access the LDAP server in order to stay safe from LDAP-Injection vulnerabilities. When a third-party product is used instead of custom developed software, check if the product applies the proper mitigation and ensure a reasonable patch-level.",
       "check": "Are recommendations from the linked cheat sheet and referenced ASVS chapter applied?",
       "detection_logic": "In-scope clients accessing LDAP servers via typical LDAP access protocols.",
       "risk_assessment": "The risk rating depends on the sensitivity of the LDAP server itself and of the data assets processed or stored.",

diff --git a/test/parsed-model.json b/test/parsed-model.json
@@ -1982,7 +1982,7 @@
       "asvs": "V5 - Validation, Sanitization and Encoding Verification Requirements",
       "cheat_sheet": "https://cheatsheetseries.owasp.org/cheatsheets/LDAP_Injection_Prevention_Cheat_Sheet.html",
       "action": "LDAP-Injection Prevention",
-      "mitigation": "Try to use libraries that properly encode LDAP meta characters in searches and queries to access the LDAP sever in order to stay safe from LDAP-Injection vulnerabilities. When a third-party product is used instead of custom developed software, check if the product applies the proper mitigation and ensure a reasonable patch-level.",
+      "mitigation": "Try to use libraries that properly encode LDAP meta characters in searches and queries to access the LDAP server in order to stay safe from LDAP-Injection vulnerabilities. When a third-party product is used instead of custom developed software, check if the product applies the proper mitigation and ensure a reasonable patch-level.",
       "check": "Are recommendations from the linked cheat sheet and referenced ASVS chapter applied?",
       "function": "development",
       "stride": "tampering",

diff --git a/test/parsed-model.yaml b/test/parsed-model.yaml
@@ -1664,7 +1664,7 @@ built_in_risk_categories:
       asvs: V5 - Validation, Sanitization and Encoding Verification Requirements
       cheat_sheet: https://cheatsheetseries.owasp.org/cheatsheets/LDAP_Injection_Prevention_Cheat_Sheet.html
       action: LDAP-Injection Prevention
-      mitigation: Try to use libraries that properly encode LDAP meta characters in searches and queries to access the LDAP sever in order to stay safe from LDAP-Injection vulnerabilities. When a third-party product is used instead of custom developed software, check if the product applies the proper mitigation and ensure a reasonable patch-level.
+      mitigation: Try to use libraries that properly encode LDAP meta characters in searches and queries to access the LDAP server in order to stay safe from LDAP-Injection vulnerabilities. When a third-party product is used instead of custom developed software, check if the product applies the proper mitigation and ensure a reasonable patch-level.
       check: Are recommendations from the linked cheat sheet and referenced ASVS chapter applied?
       function: development
       stride: tampering