As you may know, Apache's mod_authzn_ldap allows to authenticate users in Apache HTTP server using an LDAP server. Unfortunately, it has a little implementation flaw. The filter used to authenticate the user is built by abusing the RFC 2255 which specifies the