Господа!!!
Прошелся я тут nessus`ом по LDAP`у ... и улицизрел:
Vulnerability found on port ldap (389/tcp) :
Improperly configured LDAP servers will allow any user to connect to
the server and query for information.
The LDAP bind function in Exchange 5.5 has a buffer overflow
that allows a remote attacker to conduct a denial of service
or execute commands in all version prior to Exchange server sp2
Note: no test was done to see what version of Exchange server
is running, nor attempt to verify service pack.
Solution: Disable NULL BIND on your LDAP server
Also see: http://www.microsoft.com/technet/security/bulletin/ms99-009.asp
Risk factor : Medium
CVE : CVE-1999-0385
BID : 503
. Vulnerability found on port ldap (389/tcp) :
Improperly configured LDAP servers will allow the directory BASE
to be set to NULL. This allows information to be
culled without any prior knowledge of the directory
structure. Coupled with a NULL BIND, an anonymous
user can query your LDAP server using a tool such
as 'LdapMiner'
Solution: Disable NULL BASE queries on your LDAP server
Risk factor : Medium
. Information found on port ipp (631/tcp)
A web server is running on this port
. Information found on port ipp (631/tcp)
И не как понять не могу ... как эти дырочки закрыть ...
помогайте ...
мне нужен доступ (безопасный) к LDAP`у через Inet`. ... а не только с localhost`а!!!
Ответ на:
комментарий
от anonymous
Вы не можете добавлять комментарии в эту тему. Тема перемещена в архив.