[Date Prev][Date Next]
Howto fix LDAP Nullbind vulnerability (part II)
I checked the documentation and added this lines to my slapd.conf file,
but the scanner reports the "LDAP NullBind" vulnerability yet...
access to dn="cn=root,c=VE"
by dn="" none
now, I'm not sure, what is exactly a NullBind?
How can I test manually this is present yet? I tried a search without -D
argument and it return empty when no -D argument is supplied and return
entries when it is present in the command line, but I don't know what is a
In short the questiions are:
1. What is a NullBind?
2. What should I add to my slapd.conf file to fix it.
3. How can I test this running an ldapsearch?
Thanks for your help,
PS: I'm using openldap 1.2.13
> For 1.2, I suggest you check out the U-Mich LDAP Guide
> browse really old archives of this list, and ACL
> example in the test directory. Or toy with examples for
> 2.0/2.1 which can be found in later documentation and
> the FAQ (many should work just fine in 1.2).