Sha256: f2aa5aef16ec41518f56f2cda308234c2b020baa4e8637bf43208e6bd914ef71

Contents?: true

Size: 512 Bytes

Versions: 5

Compression:

Stored size: 512 Bytes

Contents

---
gem: net-ldap
cve: 2014-0083
osvdb: 106108
url: http://osvdb.org/show/osvdb/106108
title:  Net::LDAP for Ruby lib/net/ldap/password.rb SSHA Password Generation Weak Salt
date: 2014-02-13
description: Net::LDAP for Ruby contains a flaw in lib/net/ldap/password.rb. The
  issue is due to the program generating SSHA passwords with a weak salt value
  that is between 0 and 999. This may allow a local attacker to more easily gain
  access to password information.
cvss_v2: 1.9
patched_versions:
  - ">= 0.6.0"

Version data entries

5 entries across 5 versions & 2 rubygems

Version Path
bundler-budit-0.6.2 data/ruby-advisory-db/gems/net-ldap/OSVDB-106108.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/net-ldap/OSVDB-106108.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/net-ldap/OSVDB-106108.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/net-ldap/OSVDB-106108.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/net-ldap/OSVDB-106108.yml