Our Security Department ran a vulnerability tool and it found something about
null base searches, here's the full description:
"A user can obtain directory listings if LDAP allows a NULL base in an LDAP
If LDAP allows a NULL base in an LDAP search, a user can run a search that
information on "namingContexts" and "supported controls".
An attacker can use this information for malicious activity such as
accessing directory listings."
The solution points to use an ACL in order to prevent this kind of request.
Does anybody knows how to prevent Null base searches?
10. LDAP Search Base
11. LDAP search base