Home page logo
/

pen-test logo Penetration Testing mailing list archives

[PEN-TEST] LDAP-nullbase
From: krisk <krisk () medshoppeintl com>
Date: Wed, 20 Sep 2000 07:01:24 -0500

A recent scan on our beta Win 2000 network came up showing a ldap-nullbase
vulnerability.
If I understand this correctly, this is similar to a Win netbios null
session, allowing enumeration of users, shares, etc.
Does anyone have more info on this? What tools or commands are used to pull
down directory listings etc. using this? Can this be done remotely? Ports
used? Other methods to test for this? How to secure this?
Thanks!

Kris Kistler
Security Admin.
St. Louis, MO


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault