Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique





















Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce: Windows AD, user detection via LDAP

November 2008 by Vigil@nce

SYNTHESIS

An attacker can connect to the LDAP server to detect if user names are valid.

Gravity: 1/4

Consequences: data reading

Provenance: intranet client

Means of attack: 1 attack

Ability of attacker: technician (2/4)

Confidence: multiples sources (3/5)

Diffusion of the vulnerable configuration: high (3/3)

Creation date: 18/11/2008

IMPACTED PRODUCTS
- Microsoft Windows 2000
- Microsoft Windows 2003

DESCRIPTION

The Windows Active Directory enables a LDAP server.

When an authentication error occurs on this LDAP server, the error message depends on the user:
- 525 : user does not exist
- 52e : password is incorrect
- 532 : password has expired
- etc.

An attacker can therefore successively test a list of user names in order to detect those who are in the domain.

CHARACTERISTICS

Identifiers: BID-32305, VIGILANCE-VUL-8256

http://vigilance.fr/vulnerability/8256




See previous articles

    

See next articles