12 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-10253
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a...
RHEL 6 : erlang (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - erlang: Heap-buffer overflow via regular expressions (CVE-2016-10253). Note that Nessus has not tested for this issue...
Photon OS 1.0: Erlang PHSA-2020-1.0-0289
An update of the erlang package has been released. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-1.0-0289. The text itself is copyright (C) VMware, Inc.
Security Bulletin: Vulnerabilities in erlang affect PowerKVM
Summary: PowerKVM is affected by vulnerabilities in erlang. IBM has now addressed these vulnerabilities. Vulnerability Details: CVEID: CVE-2017-1000385. DESCRIPTION: Erlang/OTP could allow a remote attacker to obtain sensitive information, caused by an RSA Adaptive Chosen Ciphertext Bleichenbacher...
Ubuntu 14.04 LTS / 16.04 LTS : Erlang vulnerabilities (USN-3571-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3571-1 advisory. It was discovered that the Erlang FTP module incorrectly handled certain CRLF sequences. A remote attacker could possibly use this issue to...
Ubuntu: Security Advisory (USN-3571-1)
The remote host is missing an update for the ... SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only.
openSUSE Security Update : erlang (openSUSE-2017-1358) (ROBOT)
This update for erlang fixes security issues and bugs. The following vulnerabilities were addressed: - CVE-2017-1000385: Harden against the Bleichenbacher attack against RSA - CVE-2016-10253: Heap overflow through regular expressions (bsc#1030062). In addition Erlang was updated to version 18.3.4....
Fedora 25 : erlang (2017-42ebcac2b5)
Security fix for CVE-2016-10253. Ver. 19.3. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora Update for erlang FEDORA-2017-42ebcac2b5
The remote host is missing an update for the ... SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only.
Fedora 24 : erlang (2017-e2480c7f50)
Security fix for CVE-2016-10253. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
DEBIAN-CVE-2016-10253
An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regions within the...
CVE-2016-10253
CVE-2016-10253 affects Erlang/OTP 18.x; the issue is a heap overflow in the generation of compiled regular expressions. A malformed extpattern can indirectly specify an offset used as an array index, allowing arbitrary reads/writes in the erts_alloc arena. Impact is read/write access and potential ...