Thanks for your garbage again! I was wondering all these days where have you vanished and how big garbage you are going to dump on all of us this time. so all that you want to express in your huge garbage dump is inurl:ldap. xml site:com allinurl:indexof ldap. xml site:org.
bty your description on how google make queries is one amazing piece of information. we would had never known this if you would not have put this in your article. I think you must be drinking enough poo these days. shame on you. -----Original Message----- From: AKS aka (0kn0ck) [mailto:[EMAIL PROTECTED] Sent: 04 December 2007 02:57 To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: [WhitePaper (SecNiche)] Information Prone LDAP Garbage Dumps Hi The LDAP garbage dump that remains on web server results in information disclosure. Security of LDAP may be compromised, if for instance a search engine crawls through untamed directories on the web server and finds information through the ldap.xml file. This type of harvesting attack is also termed "static information leveraging attack." This article provides methods for dealing with this type of attack and clarifying how to secure LDAP Read it at : http://www.secniche.org/paper.html http://www.secniche.org/papers/Inf_Pr_Ldap_Gar_Dumps.pdf Regards Aks aka 0kn0ck http://www.secniche.org _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/