<<< Date Index >>>     <<< Thread Index >>>

[WhitePaper (SecNiche)] Information Prone LDAP Garbage Dumps



Hi

The LDAP garbage dump that remains on web server results in information disclosure. Security of LDAP may be compromised, if for instance a search engine crawls through untamed directories on the web server and finds information through the ldap.xml file. This type of harvesting attack is also termed “static information leveraging attack.” This article provides methods for dealing with
this type of attack and clarifying how to secure LDAP

Read it at :
http://www.secniche.org/paper.html
http://www.secniche.org/papers/Inf_Pr_Ldap_Gar_Dumps.pdf

Regards
Aks aka 0kn0ck
http://www.secniche.org