13 matches found
Ubuntu 14.04 LTS / 16.04 LTS : Erlang vulnerabilities (USN-3571-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3571-1 advisory. It was discovered that the Erlang FTP module incorrectly handled certain CRLF sequences. A remote attacker could possibly use this issue to...
Ubuntu: Security Advisory (USN-3571-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[ MDVSA-2015:174 ] erlang
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:174 http://www.mandriva.com/en/support/security/ Package : erlang Date : March 30, 2015 Affected: Business Server 2.0 Problem Description: Updated erlang packages fixes security vulnerability: An FTP command...
Fedora Update for erlang FEDORA-2014-17009
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated erlang packages fix security vulnerabilities
Updated erlang packages fixes security vulnerability: An FTP command injection flaw was found in Erlang's FTP module. Several functions in the FTP module do not properly sanitize the input before passing it into a control socket. A local attacker can use this flaw to execute arbitrary FTP command...
Fedora 21 : erlang-17.4-1.fc21 (2014-17009)
Ver. 17.4 - Disable SSLv3 - Backport useful os:getenv/2 from master. See this GitHub pull request for further details - https://github.com/erlang/otp/pull/535 - Fixed CVE-2014-1693 backported fix from ver. 17.x.x, see patch no. 17 - Trimmed dependency chain Note that Tenable Network Security has...
Fedora 20 : erlang-R16B-03.10.fc20 (2014-16214)
Disable SSLv3 - Backport useful os:getenv/2 from master. See this GitHub pull request for further details - https://github.com/erlang/otp/pull/535 - Fixed CVE-2014-1693 backported fix from ver. 17.x.x, see patch no. 17 - Trimmed dependency chain Note that Tenable Network Security has extracted...
Fedora Update for erlang FEDORA-2014-16214
Check the version of erlang Copyright C 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or...
CVE-2014-1693
Multiple CRLF injection vulnerabilities in the FTP module in Erlang/OTP R15B03 allow context-dependent attackers to inject arbitrary FTP commands via CRLF sequences in the 1 user, 2 account, 3 cd, 4 ls, 5 nlist, 6 rename, 7 delete, 8 mkdir, 9 rmdir, 10 recv, 11 recvbin, 12 recvchunkstart, 13 send...
CVE-2014-1693
CVE-2014-1693 is a concrete vulnerability in Erlang/OTP’s FTP module where improper handling of CRLF sequences enables context-dependent attackers to inject arbitrary FTP commands. Reports from multiple advisories (Ubuntu USN-3571-1, Mageia MGASA-2014-0553, Mandriva MDVSA-2015:174, Fedora FEDORA-...
CVE-2014-1693
Multiple CRLF injection vulnerabilities in the FTP module in Erlang/OTP R15B03 allow context-dependent attackers to inject arbitrary FTP commands via CRLF sequences in the 1 user, 2 account, 3 cd, 4 ls, 5 nlist, 6 rename, 7 delete, 8 mkdir, 9 rmdir, 10 recv, 11 recvbin, 12 recvchunkstart, 13 send...
Fedora 20 : erlang-R16B-03.9.fc20 (2014-15394)
Fixed CVE-2014-1693 backported fix from ver. 17.x.x, see patch no. 17 - Trimmed dependency chain Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Fedora Update for erlang FEDORA-2014-15394
Check the version of erlang Copyright C 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or...