problem-based-packs.insecure-transport.go-stdlib.telnet-request.telnet-request

Author: semgrep
Download count: 6,272

Checks for attempts to connect to a Telnet server over an insecure (cleartext) transport using the go-telnet package. This is bad because the session, including any credentials sent over it, can be read or altered by a man-in-the-middle attacker.


Definition

rules:
  - id: telnet-request
    message: Checks for attempts to connect to an insecure telnet server using the
      package telnet. This is bad because it can lead to man in the middle
      attacks.
    severity: WARNING
    metadata:
      likelihood: MEDIUM
      impact: MEDIUM
      confidence: MEDIUM
      category: security
      cwe: "CWE-319: Cleartext Transmission of Sensitive Information"
      owasp: A03:2017 - Sensitive Data Exposure
      references:
        - https://godoc.org/github.com/reiver/go-telnet
      subcategory:
        - vuln
      technology:
        - go-telnet
      vulnerability: Insecure Transport
      license: Commons Clause License Condition v1.0[LGPL-2.1-only]
      vulnerability_class:
        - Mishandled Sensitive Information
    languages:
      - go
    pattern: |
      telnet.DialToAndCall(...)

Examples

telnet-request.go

package main

import (
	"crypto/tls"

	"github.com/reiver/go-telnet"
)

func bad1() {
	var caller telnet.Caller = telnet.StandardCaller

	// ruleid: telnet-request
	// Plaintext Telnet on port 23: everything on the wire is readable.
	telnet.DialToAndCall("example.net:23", caller)
}

func ok1() {
	tlsConfig := &tls.Config{}

	var caller telnet.Caller = telnet.StandardCaller

	// ok: telnet-request
	// Telnet over TLS (port 992): the session is wrapped in an encrypted channel.
	telnet.DialToAndCallTLS("example.net:992", caller, tlsConfig)
}