[USN-3571-1] Erlang vulnerabilities
Severity
Medium
Affected Packages
99
CVEs
4
Several security issues were fixed in Erlang.
It was discovered that the Erlang FTP module incorrectly handled certain
CRLF sequences. A remote attacker could possibly use this issue to inject
arbitrary FTP commands. This issue only affected Ubuntu 14.04 LTS.
(CVE-2014-1693)
It was discovered that Erlang incorrectly checked CBC padding bytes. A
remote attacker could possibly use this issue to perform a padding oracle
attack and decrypt traffic. This issue only affected Ubuntu 14.04 LTS.
(CVE-2015-2774)
It was discovered that Erlang incorrectly handled certain regular
expressions. A remote attacker could possibly use this issue to cause
Erlang to crash, resulting in a denial of service, or execute arbitrary
code. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-10253)
Hanno Böck, Juraj Somorovsky and Craig Young discovered that the Erlang
otp TLS server incorrectly handled error reporting. A remote attacker could
possibly use this issue to perform a variation of the Bleichenbacher attack
and decrypt traffic or sign messages. (CVE-2017-1000385)
- ID
- USN-3571-1
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-3571-1
- Published
-
2018-02-14T14:54:29
(6 years ago) - Modified
-
2018-02-14T14:54:29
(6 years ago) - Other Advisories
-
-
DSA-4057-1
-
FEDORA-2014-15394
-
FEDORA-2014-16214
-
FEDORA-2014-17009
-
FEDORA-2015-12923
-
FEDORA-2015-12970
-
FEDORA-2015-13661
-
FEDORA-2017-42ebcac2b5
-
FEDORA-2017-93b6236635
-
FEDORA-2017-9e6df1e099
-
FEDORA-2017-cbed8f4169
-
FEDORA-2017-e2480c7f50
-
openSUSE-SU-2017:3255-1
-
openSUSE-SU-2017:3257-1
-
SUSE-SU-2018:0974-1
-
VU:144389
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:deb/ubuntu/erlang?distro=xenial | ubuntu |
 erlang
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang?distro=trusty | ubuntu |
erlang
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-xmerl?distro=xenial | ubuntu |
erlang-xmerl
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-xmerl?distro=trusty | ubuntu |
erlang-xmerl
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-x11?distro=xenial | ubuntu |
erlang-x11
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-x11?distro=trusty | ubuntu |
erlang-x11
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-wx?distro=xenial | ubuntu |
erlang-wx
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-webtool?distro=xenial | ubuntu |
erlang-webtool
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-webtool?distro=trusty | ubuntu |
erlang-webtool
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-typer?distro=xenial | ubuntu |
erlang-typer
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-typer?distro=trusty | ubuntu |
erlang-typer
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-tv?distro=trusty | ubuntu |
erlang-tv
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-tools?distro=xenial | ubuntu |
erlang-tools
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-tools?distro=trusty | ubuntu |
erlang-tools
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-toolbar?distro=trusty | ubuntu |
erlang-toolbar
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-test-server?distro=xenial | ubuntu |
erlang-test-server
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-test-server?distro=trusty | ubuntu |
erlang-test-server
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-syntax-tools?distro=xenial | ubuntu |
erlang-syntax-tools
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-syntax-tools?distro=trusty | ubuntu |
erlang-syntax-tools
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-ssl?distro=xenial | ubuntu |
erlang-ssl
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-ssl?distro=trusty | ubuntu |
erlang-ssl
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-ssh?distro=xenial | ubuntu |
erlang-ssh
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-ssh?distro=trusty | ubuntu |
erlang-ssh
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-src?distro=xenial | ubuntu |
erlang-src
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-src?distro=trusty | ubuntu |
erlang-src
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-snmp?distro=xenial | ubuntu |
erlang-snmp
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-snmp?distro=trusty | ubuntu |
erlang-snmp
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-runtime-tools?distro=xenial | ubuntu |
erlang-runtime-tools
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-runtime-tools?distro=trusty | ubuntu |
erlang-runtime-tools
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-reltool?distro=xenial | ubuntu |
erlang-reltool
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-reltool?distro=trusty | ubuntu |
erlang-reltool
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-public-key?distro=xenial | ubuntu |
erlang-public-key
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-public-key?distro=trusty | ubuntu |
erlang-public-key
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-pman?distro=trusty | ubuntu |
erlang-pman
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-percept?distro=xenial | ubuntu |
erlang-percept
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-percept?distro=trusty | ubuntu |
erlang-percept
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-parsetools?distro=xenial | ubuntu |
erlang-parsetools
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-parsetools?distro=trusty | ubuntu |
erlang-parsetools
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-os-mon?distro=xenial | ubuntu |
erlang-os-mon
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-os-mon?distro=trusty | ubuntu |
erlang-os-mon
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-odbc?distro=xenial | ubuntu |
erlang-odbc
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-odbc?distro=trusty | ubuntu |
erlang-odbc
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-observer?distro=xenial | ubuntu |
erlang-observer
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-observer?distro=trusty | ubuntu |
erlang-observer
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-nox?distro=xenial | ubuntu |
erlang-nox
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-nox?distro=trusty | ubuntu |
erlang-nox
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-mode?distro=xenial | ubuntu |
erlang-mode
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-mode?distro=trusty | ubuntu |
erlang-mode
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-mnesia?distro=xenial | ubuntu |
erlang-mnesia
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-mnesia?distro=trusty | ubuntu |
erlang-mnesia
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-megaco?distro=xenial | ubuntu |
erlang-megaco
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-megaco?distro=trusty | ubuntu |
erlang-megaco
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-manpages?distro=xenial | ubuntu |
erlang-manpages
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-manpages?distro=trusty | ubuntu |
erlang-manpages
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-jinterface?distro=xenial | ubuntu |
erlang-jinterface
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-jinterface?distro=trusty | ubuntu |
erlang-jinterface
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-inets?distro=xenial | ubuntu |
erlang-inets
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-inets?distro=trusty | ubuntu |
erlang-inets
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-ic?distro=xenial | ubuntu |
erlang-ic
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-ic?distro=trusty | ubuntu |
erlang-ic
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-ic-java?distro=xenial | ubuntu |
erlang-ic-java
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-ic-java?distro=trusty | ubuntu |
erlang-ic-java
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-gs?distro=xenial | ubuntu |
erlang-gs
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-gs?distro=trusty | ubuntu |
erlang-gs
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-examples?distro=xenial | ubuntu |
erlang-examples
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-examples?distro=trusty | ubuntu |
erlang-examples
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-eunit?distro=xenial | ubuntu |
erlang-eunit
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-eunit?distro=trusty | ubuntu |
erlang-eunit
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-et?distro=xenial | ubuntu |
erlang-et
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-et?distro=trusty | ubuntu |
erlang-et
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-erl-docgen?distro=xenial | ubuntu |
erlang-erl-docgen
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-erl-docgen?distro=trusty | ubuntu |
erlang-erl-docgen
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-eldap?distro=xenial | ubuntu |
erlang-eldap
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-eldap?distro=trusty | ubuntu |
erlang-eldap
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-edoc?distro=xenial | ubuntu |
erlang-edoc
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-edoc?distro=trusty | ubuntu |
erlang-edoc
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-doc?distro=xenial | ubuntu |
erlang-doc
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-doc?distro=trusty | ubuntu |
erlang-doc
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-diameter?distro=xenial | ubuntu |
erlang-diameter
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-diameter?distro=trusty | ubuntu |
erlang-diameter
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-dialyzer?distro=xenial | ubuntu |
erlang-dialyzer
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-dialyzer?distro=trusty | ubuntu |
erlang-dialyzer
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-dev?distro=xenial | ubuntu |
erlang-dev
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-dev?distro=trusty | ubuntu |
erlang-dev
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-debugger?distro=xenial | ubuntu |
erlang-debugger
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-debugger?distro=trusty | ubuntu |
erlang-debugger
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-crypto?distro=xenial | ubuntu |
erlang-crypto
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-crypto?distro=trusty | ubuntu |
erlang-crypto
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-corba?distro=xenial | ubuntu |
erlang-corba
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-corba?distro=trusty | ubuntu |
erlang-corba
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-common-test?distro=xenial | ubuntu |
erlang-common-test
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-common-test?distro=trusty | ubuntu |
erlang-common-test
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-base?distro=xenial | ubuntu |
erlang-base
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-base?distro=trusty | ubuntu |
erlang-base
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-base-hipe?distro=xenial | ubuntu |
erlang-base-hipe
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-base-hipe?distro=trusty | ubuntu |
erlang-base-hipe
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-asn1?distro=xenial | ubuntu |
erlang-asn1
|
< 18.3-dfsg-1ubuntu3.1 | xenial | ||
| Affected | pkg:deb/ubuntu/erlang-asn1?distro=trusty | ubuntu |
erlang-asn1
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
| Affected | pkg:deb/ubuntu/erlang-appmon?distro=trusty | ubuntu |
erlang-appmon
|
< 16.b.3-dfsg-1ubuntu2.2 | trusty |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |