[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Howto fix LDAP Nullbind vulnerability

To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: Howto fix LDAP Nullbind vulnerability
From: "Rafael Angarita" <rangarita@telcel.net.ve>
Date: Tue, 17 Dec 2002 01:08:46 -0400
Cc: <openldap-software@OpenLDAP.org>
References: <5.2.0.9.0.20021216195314.02625cf8@127.0.0.1>

----- Original Message -----
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
> At 01:28 PM 12/16/2002, Rafael Angarita wrote:
> >   A host summary vulnerability report  indicated an issue with my LDAP
server, it was a "LDAP NullBind" vulnerability.
> >    How can I fix it?
>
> http://www.iss.net/security_center/static/1424.php
> See the remedy section.  Google is your friend.

    Sure, but how do I do it?
    How to "Disable the NULL bind entry or control the entry with Access
Control Lists (ACLs)." in openldap 1.3.12, that's the matter... I don't know
how to do it...

Follow-Ups:
- error installing ldapmodule
  - From: "Rakesh Naidu" <rnaidu@zeomega.com>
- Re: Howto fix LDAP Nullbind vulnerability
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

References:
- Re: Howto fix LDAP Nullbind vulnerability
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: newbie question:Indexing taking a really long time...
Next by Date: error installing ldapmodule
Index(es):
- Chronological
- Thread