[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap security (ITS#1386)

At 07:55 PM 2001-10-11, chdonald@sh163.net wrote:
>Full_Name: Donald Chang
>Version: ldapv2
>OS: solaris2.6
>URL: ftp://ftp.openldap.org/incoming/
>Submission from: (NULL) (
>when I use internet scanner to scan my ldap system,it reports the folling:
>1.NULL bind entry can result in anonymous access
>2.cn=monitor  bug
>3.cn=config   bug

The fact that OpenLDAP 1.0 supports anonymous access,
cn-monitor, and cn=config are not bugs but features.
This report will be closed as no developer action is

>I don't know clearly what's the meaning,and how it results,and how can I modify my configuration?

You should direct software use questions to an appropriate
such as the OpenLDAP-software mailing list (assuming you
are using OpenLDAP and not some other LDAPv2 implementation).