Explore critical security vulnerabilities in LDAP deployments through this 12-minute conference presentation from USENIX Security '24. Discover the findings of researchers from Münster University of Applied Sciences, University of Twente, Fraunhofer SIT, and the National Research Center for Applied Cybersecurity ATHENE who developed LanDscAPe, a specialized scanning tool for analyzing LDAP server security. Learn about the concerning results of their Internet-wide analysis that uncovered over 10,000 vulnerable servers, including 4,900 exposing personal data and 1,800 leaking passwords. Gain insights into various security threats affecting LDAP implementations, from misconfigured servers and outdated software to weak TLS setups, and understand their implications for organizational security, particularly in contexts like Microsoft's Active Directory and authentication services. Follow the researchers' methodology in identifying, classifying, and addressing these security issues through their notification campaign.
LanDscAPe - Exploring LDAP Weaknesses and Data Leaks at Internet Scale
Syllabus
USENIX Security '24 - LanDscAPe: Exploring LDAP Weaknesses and Data Leaks at Internet Scale
Taught by
USENIX