[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Howto fix LDAP Nullbind vulnerability

To: "Rafael Angarita" <rangarita@telcel.net.ve>
Subject: Re: Howto fix LDAP Nullbind vulnerability
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Tue, 17 Dec 2002 16:27:00 -0800
Cc: <openldap-software@OpenLDAP.org>
In-reply-to: <001901c2a58a$64a9e180$0100a8c0@curare>
References: <5.2.0.9.0.20021216195314.02625cf8@127.0.0.1>

At 09:08 PM 12/16/2002, Rafael Angarita wrote:

>----- Original Message -----
>From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
>> At 01:28 PM 12/16/2002, Rafael Angarita wrote:
>> >   A host summary vulnerability report  indicated an issue with my LDAP
>server, it was a "LDAP NullBind" vulnerability.
>> >    How can I fix it?
>>
>> http://www.iss.net/security_center/static/1424.php
>> See the remedy section.  Google is your friend.
>
>    Sure, but how do I do it?
>    How to "Disable the NULL bind entry or control the entry with Access
>Control Lists (ACLs)." in openldap 1.3.12, that's the matter... I don't know
>how to do it...

For 1.2, I suggest you check out the U-Mich LDAP Guide 
<http://www.umich.edu/~dirsvcs/ldap/doc/guides/slapd/>,
browse really old archives of this list, and ACL
example in the test directory.  Or toy with examples for
2.0/2.1 which can be found in later documentation and
the FAQ (many should work just fine in 1.2).

Kurt

Follow-Ups:
- Howto fix LDAP Nullbind vulnerability (part II)
  - From: "Rafael Angarita" <rangarita@telcel.net.ve>

References:
- Re: Howto fix LDAP Nullbind vulnerability
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: Howto fix LDAP Nullbind vulnerability
  - From: "Rafael Angarita" <rangarita@telcel.net.ve>

Prev by Date: ::beat head here:: need help sorting out slapadd
Next by Date: Error when add machine
Index(es):
- Chronological
- Thread