
Question on null bind and base



Where I work our security folks routinely scan the servers for vulnerabilities with a vended security scanning product. On my LDAP server, the following "vulnerabilities" were detected:

    LDAP anonymous access to directory (severity medium)
    ----------------------------------------------------
    The NULL bind entry allows a user to access the LDAP directory
    anonymously. An attacker could take advantage of the NULL bind
    entry to anonymously view files on the LDAP directory

    Fix:
    ----
    Disable the NULL bind entry or control the entry with Access
    Control Lists (ACLs).


    LDAP null base returns information (severity medium)
    ----------------------------------------------------
    If LDAP allows a NULL base in an LDAP search, a user can submit a
    search that returns information on namingContexts and supported
    controls. An attacker could use this information to access
    directory listings and plan further attacks.

    Fix:
    ----
    Set up an access list control to prevent users from dumping the
    base of the tree or issuing a request without knowing the base
    object.


Queries to the scanner vendor for more details were responded to with "sorry, that's proprietary information".


I'm not sure these make any sense. What sort of ACL do I need to disable the NULL bind entry? I tried the following:

    access to dn=".*,dc=iu,dc=edu" by users read
    access to * by dn="" none

And the vulnerability is still reported. With regard to the second warning,
to be able to support SASL authentication, don't base attributes such as "supportedSASLMechanisms" have to be available?


Puzzled,

Allan
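As an added illustration of the access-control approach the scanner's own "Fix" text describes (this is not Allan's configuration or anything from the list thread), the slapd.conf fragment below closes the directory to unauthenticated clients while keeping the root DSE readable, which is exactly what SASL mechanism discovery (supportedSASLMechanisms) needs. It assumes OpenLDAP 2.1 or later ACL syntax (dn.base / dn.subtree rather than the 2.0 regex form used in the post) and reuses the suffix dc=iu,dc=edu from the post; adapt both to your server.

```conf
# slapd.conf excerpt (added example, OpenLDAP 2.1+ ACL syntax assumed)

# Refuse anonymous bind requests outright. Note that a client that never
# binds is still anonymous, so this alone does not protect the tree;
# the ACLs below do.
disallow bind_anon

# Root DSE and subschema stay world-readable: clients (and SASL
# negotiation) must be able to read supportedSASLMechanisms,
# namingContexts and the schema before they can authenticate.
# This is the "null base" search and is by design.
access to dn.base=""
        by * read
access to dn.base="cn=Subschema"
        by * read

# Credentials: anonymous may only use userPassword to authenticate
# (simple bind), never read it; a user may change their own.
access to attrs=userPassword
        by self write
        by anonymous auth
        by * none

# Everything under the suffix is visible to authenticated users only.
# Anonymous (unbound) sessions get nothing, so a NULL-bind search of
# the tree returns no entries.
access to dn.subtree="dc=iu,dc=edu"
        by users read
        by * none
```

ACLs are evaluated first match wins, so the order matters: the root DSE and userPassword clauses must come before the catch-all subtree clause. After restarting slapd, an unauthenticated `ldapsearch -x -b "" -s base` should still return the root DSE, while an unauthenticated search of dc=iu,dc=edu should return no entries; that is the behaviour the scanner's second finding is really checking for, and the first finding disappears once the anonymous bind itself is refused.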