
[harden-mac:0437] Mac OS X LDAP plugins transmit user credentials in clear text



This is Ishikawa.

The Vulnerability Note named in the subject line has been issued by CERT/CC.

○Vulnerability Note VU#467828
  Mac OS X LDAP plugins transmit user credentials in clear text
http://www.kb.cert.org/vuls/id/467828

(BKerberos$B$b(BLDAP$B$b;H$C$F$*$i$:!"$$$^$$$ANI$/2r$i$J$$$N$G!"(B
$B!V(BReferences$B!W$K$"$k(B
(B
$B!&(BMac OS X LDAP Clear Text User Credentials$B!J(BSecunia$B!K(B
(Bhttp://www.secunia.com/advisories/8945/
(B
$B$+$i0zMQ$9$k$H!"(B
(B
(BThe problem occurs when Kerberos is used for user authentication and
(BLDAP to get user data. When an error occurs there will be a protocol
(Bfallback, sending username and password in clear text rather than
(Busing Kerberos.
(B
$B$@$=$&$G!#(B
(B
It is unclear whether a patch will be provided, but a workaround is reportedly described in the following TIL article.

○Mac OS X Server: How to Avoid Sending Clear Passwords in a Kerberos
  Environment With LDAPv3
http://docs.info.apple.com/article.html?artnum=107579

-- 石川 泰久／vm_converter
vm_converter@xxxxxxx