Hi,
We have quarterly vulnerability
scans on our servers and this LDAP
vulnerability always comes back up
for my Unity Voicemail Server. I
have tried unsuccessfully to address
this issue. Is anyone aware of a
patch release for this or specific
instructions on how to address the
vulnerability?
"Disable NULL BIND on your LDAP
server. In addition the LDAP bind
function in Exchange 5.5 has a
buffer overflow that allows a user
to conduct a denial of service or
execute commands in all versions
prior to exchange server SP2.
Coupled with a NULL BIND, an
anonymous user can mount a remote
attack against your server."
Tennille Spence
IT Business Liaison
PBS Technology Branch
816-823-1357 Office
816-806-6342 Cell
816-823-5526 Fax
"What lies behind us and what lies
before us are tiny matters compared
to what lies within us." - Ralph
Waldo Emerson
"Opportunity is missed by most
people because it is dressed in
overalls and looks like work." -
Thomas A. Edison