14 matches found
RHEL 7 : erlang (RHSA-2018:0528)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0528 advisory. Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault...
Mageia: Security Advisory (MGASA-2018-0060)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Photon OS 2.0: Erlang PHSA-2020-2.0-0251
An update of the erlang package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0251. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid13719...
Security Bulletin: Vulnerabilities in erlang affect PowerKVM
Summary PowerKVM is affected by vulnerabilities in erlang. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2017-1000385 DESCRIPTION: Erlang/OTP could allow a remote attacker to obtain sensitive information, caused by an RSA Adaptive Chosen Ciphertext Bleichenbacher...
CVE-2017-1000385
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ssl/bleichenbacheroracle.py...
Ubuntu: Security Advisory (USN-3571-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS / 16.04 LTS : Erlang vulnerabilities (USN-3571-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3571-1 advisory. It was discovered that the Erlang FTP module incorrectly handled certain CRLF sequences. A remote attacker could possibly use this issue to...
Updated erlang packages fix security vulnerabilities
It was discovered that the TLS server in Erlang is vulnerable to an adaptive chosen ciphertext attack against RSA keys CVE-2017-1000385...
ROBOT TLS_RSA Scanning Attempt (CVE-2012-5081; CVE-2016-6883; CVE-2017-1000385; CVE-2017-12373; CVE-2017-13098; CVE-2017-13099; CVE-2017-17382; CVE-2017-17427; CVE-2017-17428; CVE-2017-17841; CVE-2017-6168)
ROBOT Detect Scanner is a vulnerability scanning product. Remote attackers can use ROBOT Detect Scanner to detect vulnerabilities on a target server...
openSUSE Security Update : erlang (openSUSE-2017-1358) (ROBOT)
This update for erlang fixes security issues and bugs. The following vulnerabilities were addressed : - CVE-2017-1000385: Harden against the Bleichenbacher attacher against RSA - CVE-2016-10253: Heap overflow through regular expressions bsc1030062 In addition Erlang was updated to version 18.3.4....
Fedora 26 : erlang (2017-93b6236635) (ROBOT)
Ver. 19.3.6.4 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
CVE-2017-1000385
The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS 1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's private key this is a variation of the Bleichenbacher attack...
CVE-2017-1000385
The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS 1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's private key this is a variation of the Bleichenbacher attack...
CVE-2017-1000385
CVE-2017-1000385 affects the Erlang OTP TLS server, where RSA PKCS#1 v1.5 padding errors elicit different TLS alerts, enabling a Bleichenbacher-style oracle to decrypt content or forge signatures with the server’s private key. Public disclosures describe a CERT/ROBOT-related risk and list affecte...