[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap security (ITS#1386)

To: openldap-its@OpenLDAP.org
Subject: Re: ldap security (ITS#1386)
From: Kurt@OpenLDAP.org
Date: Fri, 12 Oct 2001 03:22:00 GMT

At 07:55 PM 2001-10-11, chdonald@sh163.net wrote:
>Full_Name: Donald Chang
>Version: ldapv2
>OS: solaris2.6
>URL: ftp://ftp.openldap.org/incoming/
>Submission from: (NULL) (202.130.248.41)
>
>
>when I use internet scanner to scan my ldap system,it reports the folling:
>1.NULL bind entry can result in anonymous access
>2.cn=monitor  bug
>3.cn=config   bug

The fact that OpenLDAP 1.0 supports anonymous access,
cn-monitor, and cn=config are not bugs but features.
This report will be closed as no developer action is
required.

>I don't know clearly what's the meaning,and how it results,and how can I modify my configuration?

You should direct software use questions to an appropriate
such as the OpenLDAP-software mailing list (assuming you
are using OpenLDAP and not some other LDAPv2 implementation).
http://www.openldap.org/

Prev by Date: ldap security (ITS#1386)
Next by Date: Re: Updates make slapd prone to crash (ITS#1358)
Index(es):
- Chronological
- Thread