|
| TC: | 12032 | |
| Description: | A user can obtain directory listings if LDAP allows a NULL base in an LDAP search. If LDAP allows a NULL base in an LDAP search, a user can run a search that returns information on "namingContexts" and "supported controls". An attacker can use this information for malicious activity such as accessing directory listings. | |
| TC Impact: | Gather Info | |
| Service: | ldap |
| Vulnerability Publication: | December 1998 | |
| Advisory Copyright: | Unknown | |
| Summary: | A remote attacker can acquire access to sensitive information on your network and thus prepare further serious attacks. | |
| Risk: | Medium | |
| CVSS 2.0 metrics: | Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None | |
| CVSS 2.0 Base Score: | 5.0 |
| Vulnerability Impact: |
Gather Info |
|---|
| Host Impact: | The attacker can obtain vital information from the server. | |
| Nature of Remediation: | Configure the service. |
| Step required to fix the reported vulnerability: | |
***** Solution type: Update Configuration ***** Prevent users from dumping the base of the tree or issuing a request without knowing the base object. LDAP implementations vary on how or whether it is possible to constrain or prevent null base requests. Some implementations use an access control list (ACL), others provide the ability using a utility program or user interface, and others may not be able to prevent these requests. Contact your vendor or refer to the documentation for more details on hardening specific LDAP implementations. |
| References: | ||
| * MSKB: Security issues with LDAP NULL base connections http://support.microsoft.com/kb/837964 * MLIST: About null base and searching http://www.openldap.org/lists/openldap-software/200112/msg00338.html |
| CVE Link: |
GENERIC-MAP-NOMATCH |
 |
|---|
| Glossary: |
LDAP |
|---|