AOH :: HP Unsorted I :: TB13666.HTM

Information Prone LDAP Garbage Dumps



Information Prone LDAP Garbage Dumps
Information Prone LDAP Garbage Dumps



Hi

The LDAP garbage dump that remains on web server results in information 
disclosure. Security
of LDAP may be compromised, if for instance a search engine crawls 
through untamed directories
on the web server and finds information through the ldap.xml file. This 
type of harvesting attack is
also termed =93static information leveraging attack.=94 This article 
provides methods for dealing with
this type of attack and clarifying how to secure LDAP

Read it at :
http://www.secniche.org/paper.html 
http://www.secniche.org/papers/Inf_Pr_Ldap_Gar_Dumps.pdf 

Regards
Aks aka 0kn0ck
http://www.secniche.org 

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.