CVE-2008-5112

Name: CVE-2008-5112
Creator: NVD / NIST
Published: 2008-11-17T23:30:00.517+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 19.96%

Last modified Jun 16, 2026

CVE-2008-5112 is a vulnerability of currently unknown severity. The LDAP server in Active Directory in Microsoft Windows 2000 SP4 and Server 2003 SP1 and SP2 responds differently to a failed bind attempt depending on whether the user account exists and is permitted to login, which allows remote attackers to enumerate valid usernames via a series of LDAP bind requests, as demonstrated by ldapuserenum.. EPSS estimates a 19.96% chance of exploitation in the next 30 days.

Description

The LDAP server in Active Directory in Microsoft Windows 2000 SP4 and Server 2003 SP1 and SP2 responds differently to a failed bind attempt depending on whether the user account exists and is permitted to login, which allows remote attackers to enumerate valid usernames via a series of LDAP bind requests, as demonstrated by ldapuserenum.

Metrics

EPSS Probability

19.96%

97.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-200

Affected Software

Vendor	Product	Versions	Update
Microsoft	Windows	server_2003	Sp1
Microsoft	Windows 2000	All versions	Sp4

References

Timeline

Published: Nov 17, 2008
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2008-5112?

How severe is CVE-2008-5112?

Severity scoring for CVE-2008-5112 is pending analysis. The EPSS model estimates a 19.96% probability of exploitation in the next 30 days.

How do I fix CVE-2008-5112?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2008-5112?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST