search for: ldapminer

...says that - The remote LDAP server supports search requests with a null, or empty, base object. This allows information to be retrieved without any prior knowledge of the directory structure. Coupled with a NULL BIND, an anonymous user may be able to query your LDAP server using a tool such as 'LdapMiner'. Here is Nessus Link for this vulnerability - http://www.tenable.com/plugins/index.php?view=single&id=10722 Can anyone through some light on this?