Possible Kolab LDAP configuration information disclosure
Martin Konold
martin.konold at erfrakon.de
Sun Apr 25 23:54:19 CEST 2004
Am Wednesday 21 April 2004 10:33 am schrieb Luca Villani:
Hi Luca,
> And a BOFH too.
;-)
> No: standard QIM installation create a 644 slapd.conf.
This is indeed a security bug! In addition using SHA1 instead of plain text
does not make it worse.
> our production environment. I'm taking a look at all security aspects, and
> IMNSHO this *is* a security problem.
I appreciate you effort please keep us posted.
Yours,
-- martin
Dipl.-Phys. Martin Konold
e r f r a k o n
Erlewein, Frank, Konold & Partner - Beratende Ingenieure und Physiker
Nobelstrasse 15, 70569 Stuttgart, Germany
fon: 0711 67400963, fax: 0711 67400959
email: martin.konold at erfrakon.de
More information about the users
mailing list