mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-08 10:14:49 +02:00
0xMarcio
799 B
799 B
CVE-2008-5112
Description
The LDAP server in Active Directory in Microsoft Windows 2000 SP4 and Server 2003 SP1 and SP2 responds differently to a failed bind attempt depending on whether the user account exists and is permitted to login, which allows remote attackers to enumerate valid usernames via a series of LDAP bind requests, as demonstrated by ldapuserenum.
POC
Reference
No PoCs from references.