32 lines
796 B
YAML
32 lines
796 B
YAML
id: ldap-anonymous-login
|
|
|
|
info:
|
|
name: LDAP Server NULL Bind Connection Information Disclosure
|
|
author: s0obi
|
|
severity: medium
|
|
description: The remote LDAP server allows anonymous access
|
|
reference:
|
|
- https://www.tenable.com/plugins/nessus/10723
|
|
- https://ldap.com/ldapv3-wire-protocol-reference-bind
|
|
remediation: Configure the service to disallow NULL BINDs.
|
|
classification:
|
|
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
|
cvss-score: 5.3
|
|
cwe-id: CWE-284
|
|
tags: network,ldap,default-login,tenable
|
|
|
|
network:
|
|
- inputs:
|
|
- data: 300c020101600702010304008000
|
|
type: hex
|
|
|
|
host:
|
|
- "{{Hostname}}"
|
|
- "{{Host}}:389"
|
|
read-size: 1024
|
|
|
|
matchers:
|
|
- type: binary
|
|
binary:
|
|
- "300c02010161070a010004000400"
|