> From: Securify Bulletins [mailto:bulletins@xxxxxxxxxxxx] > Sent: Friday, 13 June, 2008 12:44 > To: bugtraq@xxxxxxxxxxxxxxxxx; full-disclosure@xxxxxxxxxxxxxxxxx > > IV. WORKAROUNDS: > > Block TCP ports 389 and 3268 to your Active Directory > server from untrusted sources. AD may also be listening on 636 for LDAP-over-SSL. -- Michael Wojcik Principal Software Systems Developer, Micro Focus