TUCoPS :: HP Unsorted I :: tb13666.htm

Information Prone LDAP Garbage Dumps
Information Prone LDAP Garbage Dumps
Information Prone LDAP Garbage Dumps


Hi

The LDAP garbage dump that remains on web server results in information 
disclosure. Security
of LDAP may be compromised, if for instance a search engine crawls 
through untamed directories
on the web server and finds information through the ldap.xml file. This 
type of harvesting attack is
also termed =93static information leveraging attack.=94 This article 
provides methods for dealing with
this type of attack and clarifying how to secure LDAP

Read it at :
http://www.secniche.org/paper.html 
http://www.secniche.org/papers/Inf_Pr_Ldap_Gar_Dumps.pdf 

Regards
Aks aka 0kn0ck
http://www.secniche.org

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH