|
Hi
The LDAP garbage dump that remains on web server results in information
disclosure. Security
of LDAP may be compromised, if for instance a search engine crawls
through untamed directories
on the web server and finds information through the ldap.xml file. This
type of harvesting attack is
also termed =93static information leveraging attack.=94 This article
provides methods for dealing with
this type of attack and clarifying how to secure LDAP
Read it at :
http://www.secniche.org/paper.html
http://www.secniche.org/papers/Inf_Pr_Ldap_Gar_Dumps.pdf
Regards
Aks aka 0kn0ck
http://www.secniche.org