CVE-2014-0083 rubygem-net-ldap: SSHA passwords generated by the net-ldap Ruby gem use a weak salt

2014-02-1220:00:00

RubySec

rubysec.com

The Ruby net-ldap gem before 0.11 uses a weak salt when generating SSHA
passwords.

CPENameOperatorVersion
net-ldaplt0.6.0

CPE	Name	Operator	Version
	net-ldap	lt	0.6.0

References

nvd.nist.gov/vuln/detail/CVE-2014-0083

Related for RUBY:NET-LDAP-2014-0083-106108