Family: Debian Local Security Checks --> Category: infos
[DSA790] DSA-790-1 phpldapadmin Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Alexander Gerasiov discovered that phpldapadmin, a web-based interface
for administering LDAP servers, allows anybody to access the LDAP
server anonymously, even if this is disabled in the configuration with
the "disable_anon_bind" statement.
The old stable distribution (woody) is not vulnerable to this problem.
For the stable distribution (sarge) this problem has been fixed in
For the unstable distribution (sid) this problem has been fixed in
We recommend that you upgrade your phpldapadmin package.
Solution: http://www.debian.org/security/2005/dsa-790
Threat Level: High