It came from a Nessus scan our data security officer runs monthly. Flagged as a Medium level threat
-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Roger Harman
Sent: Tuesday, May 14, 2013 2:19 AM
To: 'Midrange Systems Technical Discussion'
Subject: RE: LDAP null base search
Is it really a vulnerability? The link you provided states that a null base search is required on a V3 LDAP. The docs that I looked at from IBM note that IBM-i implements V3 of LDAP.
http://publib.boulder.ibm.com/infocenter/iseries/v5r4/index.jsp?topic=%2Frza
hy%2Frzahyconcepts.htm
-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Mike Cunningham
Sent: Monday, May 13, 2013 7:33 PM
To: Midrange Systems Technical Discussion
Subject: LDAP null base search
http://www.tenable.com/plugins/index.php?view=single&id=10722
Our i Server was tagged as having a security issue due to allowing an LDAP null base search. I have been trying to find some reference to how to close this hole but coming up blank on google searches. I got a few hits but nothing about how to turn it off. Has anyone else hit this and know how to close it?
Mike Cunningham
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at
http://archive.midrange.com/midrange-l.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at
http://archive.midrange.com/midrange-l.
As an Amazon Associate we earn from qualifying purchases.