All clients connecting to our 389-ds server showed this vulnerability in the scan. How do I fix this on my 389-ds server?
LDAP allows null bases
Risk:High
Application:ldap
Port:389
Protocol:tcp
ScriptID:10722
Summary: It is possible to disclose LDAP information.
Description : Improperly configured LDAP servers will allow the directory BASE to be set to NULL. This allows information to be culled without any prior knowledge of the directory structure. Coupled with a NULL BIND, an anonymous user can query your LDAP server using a tool such as 'LdapMiner'
Solution: Disable NULL BASE queries on your LDAP server
CVSS Base Score : 5.0
Family name: Remote file access
Category: infos
Copyright: Copyright (C) 2000 John Lampe....j_lampe@bellsouth.net
Summary: Check for LDAP null base
Version: $Revision: 128 $