Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

[WhitePaper (SecNiche)] Information Prone LDAP Garbage Dumps
From: "AKS aka (0kn0ck)" <0kn0ck () secniche org>
Date: Mon, 03 Dec 2007 13:27:12 -0800
Hi
The LDAP garbage dump that remains on web server results in information disclosure. Security of LDAP may be compromised, if for instance a search engine crawls through untamed directories on the web server and finds information through the ldap.xml file. This type of harvesting attack is also termed “static information leveraging attack.” This article provides methods for dealing with 
this type of attack and clarifying how to secure LDAP

Read it at :
http://www.secniche.org/paper.html
http://www.secniche.org/papers/Inf_Pr_Ldap_Gar_Dumps.pdf

Regards
Aks aka 0kn0ck
http://www.secniche.org

  By Date           By Thread  

Current thread:
  • [WhitePaper (SecNiche)] Information Prone LDAP Garbage Dumps AKS aka (0kn0ck) (Dec 03)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]