Hi
The LDAP garbage dump that remains on web server results in information
disclosure. Security
of LDAP may be compromised, if for instance a search engine crawls
through untamed directories
on the web server and finds information through the ldap.xml file. This
type of harvesting attack is
also termed “static information leveraging attack.” This article
provides methods for dealing with
this type of attack and clarifying how to secure LDAP
Read it at :
http://www.secniche.org/paper.html
http://www.secniche.org/papers/Inf_Pr_Ldap_Gar_Dumps.pdf
Regards
Aks aka 0kn0ck
http://www.secniche.org
