Unauthorized Access Vulnerability in LDAP
Introduction
LDAP stands for Lightweight Directory Access Protocol. It is based on the X.500 standard and supports TCP/IP.
An LDAP directory is a database, and the LDAP server (the equivalent of a DBMS) handles queries and updates. Data is stored in a tree-like hierarchical structure and, compared with relational databases, is optimized for read performance. LDAP suits information that changes infrequently and needs to be available across platforms.
LDAP Attributes
dn (distinguished name): A unique identifier, similar to an absolute path. Each object has a unique identifier. For example: uid=tester,ou=People,dc=example,dc=com
rdn (relative distinguished name): A relative identifier, similar to a relative path. For example: uid=tester
uid (user id): Usually refers to the user login name. For example: uid=tester
sn (surname): Usually refers to a person's last name. For example: sn: Su
givenName: Usually refers to a person's first name. For example: givenName: Aldwin
l: Usually refers to the name of a place. For example: l: Beijing
objectClass: A special attribute that contains the storage method and related attribute information.
dc (domain component): Usually refers to a domain name. For example: dc=example,dc=com
ou (organizational unit): Usually refers to the name of an organizational unit. For example: ou=people,dc=example,dc=com
cn (common name): Usually refers to an object's name. If it's a person, the full name is required.
c (country): A two-letter country code. For example: CN, US, HK, JP, etc.
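The dn, rdn and dc entries above describe how an entry's name is assembled from components. The following Python code is an added example, not part of the original page: it splits a DN into its RDNs using RFC 4514 backslash escaping, then derives the parent DN and the DNS-style domain. The function names are illustrative, and hex escapes are assumed to encode ASCII characters only.

```python
import re

_ESCAPE = re.compile(r"\\([0-9A-Fa-f]{2}|.)")

def _split(text, sep):
    """Split on sep, skipping any character that is backslash-escaped."""
    parts, start, i = [], 0, 0
    while i < len(text):
        if text[i] == "\\":
            i += 2                      # skip the escaped character
            continue
        if text[i] == sep:
            parts.append(text[start:i])
            start = i + 1
        i += 1
    parts.append(text[start:])
    return parts

def _unescape(value):
    """Resolve backslash-hex pairs (ASCII only here) and backslash-char escapes."""
    def repl(m):
        g = m.group(1)
        return chr(int(g, 16)) if len(g) == 2 else g
    return _ESCAPE.sub(repl, value)

def parse_dn(dn):
    """Return the DN as a list of RDNs, each a list of (attribute, value) pairs."""
    rdns = []
    for rdn in _split(dn, ","):
        pairs = []
        for ava in _split(rdn, "+"):    # multi-valued RDN, e.g. cn=a+sn=b
            attr, eq, raw = ava.lstrip().partition("=")
            if not eq or not attr.strip():
                raise ValueError(f"malformed RDN component: {ava!r}")
            # Attribute names are case-insensitive, so normalise them.
            pairs.append((attr.strip().lower(), _unescape(raw)))
        rdns.append(pairs)
    return rdns

def parent_dn(dn):
    """Drop the leftmost RDN (the entry's own name) to get its container."""
    return ",".join(_split(dn, ",")[1:])

def dns_domain(dn):
    """Join the dc components, in order, into a DNS-style name."""
    return ".".join(v for rdn in parse_dn(dn) for a, v in rdn if a == "dc")

# Constructed sample: the DN used in the attribute list above.
SAMPLE = "uid=tester,ou=People,dc=example,dc=com"
if __name__ == "__main__":
    print(parse_dn(SAMPLE)[0], parent_dn(SAMPLE), dns_domain(SAMPLE))
```

Splitting a DN with a plain `dn.split(",")` misreads values that contain an escaped comma, which matters whenever DNs are compared or matched against access rules.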
Environment Setup
Vulnerability Reproduction