Ver:
· LDAP - Lightweight Directory Access Protocol
Abuso de las
peticiones LDAP para alterar fraudulentamente el contenido del directorio de
información de un servidor en red.
A technique for
exploiting a web site by altering backend LDAP statements through manipulating
application input.
http://www.webappsec.org/projects/glossary/
LDAP injection is
a specific form of attack that can be employed to compromise Web sites that
construct LDAP (Lightweight Directory Access Protocol) statements from data
provided by users. This is done by changing LDAP statements so dynamic Web
applications can run with invalid permissions, allowing the attacker to alter,
add or delete content. LDAP is a protocol that facilitates the location of
organizations, individuals and other resources in a network. It is a
streamlined version of DAP (Directory Access Protocol), which is part of X.500,
a standard for network directory services.
http://searchsoftwarequality.techtarget.com/glossary/
Temas relacionados