[USN-3571-1] Erlang vulnerabilities
Several security issues were fixed in Erlang.
It was discovered that the Erlang FTP module incorrectly handled certain
CRLF sequences. A remote attacker could possibly use this issue to inject
arbitrary FTP commands. This issue only affected Ubuntu 14.04 LTS.
(CVE-2014-1693)
It was discovered that Erlang incorrectly checked CBC padding bytes. A
remote attacker could possibly use this issue to perform a padding oracle
attack and decrypt traffic. This issue only affected Ubuntu 14.04 LTS.
(CVE-2015-2774)
It was discovered that Erlang incorrectly handled certain regular
expressions. A remote attacker could possibly use this issue to cause
Erlang to crash, resulting in a denial of service, or execute arbitrary
code. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-10253)
Hanno Böck, Juraj Somorovsky and Craig Young discovered that the Erlang
otp TLS server incorrectly handled error reporting. A remote attacker could
possibly use this issue to perform a variation of the Bleichenbacher attack
and decrypt traffic or sign messages. (CVE-2017-1000385)
- ID
- USN-3571-1
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-3571-1
- Published
-
2018-02-14T14:54:29
(6 years ago) - Modified
-
2018-02-14T14:54:29
(6 years ago) - Other Advisories
-
- DSA-4057-1
- FEDORA-2014-15394
- FEDORA-2014-16214
- FEDORA-2014-17009
- FEDORA-2015-12923
- FEDORA-2015-12970
- FEDORA-2015-13661
- FEDORA-2017-42ebcac2b5
- FEDORA-2017-93b6236635
- FEDORA-2017-9e6df1e099
- FEDORA-2017-cbed8f4169
- FEDORA-2017-e2480c7f50
- openSUSE-SU-2017:3255-1
- openSUSE-SU-2017:3257-1
- SUSE-SU-2018:0974-1
- VU:144389
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/erlang?distro=xenial | ubuntu | erlang | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang?distro=trusty | ubuntu | erlang | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-xmerl?distro=xenial | ubuntu | erlang-xmerl | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-xmerl?distro=trusty | ubuntu | erlang-xmerl | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-x11?distro=xenial | ubuntu | erlang-x11 | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-x11?distro=trusty | ubuntu | erlang-x11 | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-wx?distro=xenial | ubuntu | erlang-wx | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-webtool?distro=xenial | ubuntu | erlang-webtool | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-webtool?distro=trusty | ubuntu | erlang-webtool | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-typer?distro=xenial | ubuntu | erlang-typer | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-typer?distro=trusty | ubuntu | erlang-typer | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-tv?distro=trusty | ubuntu | erlang-tv | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-tools?distro=xenial | ubuntu | erlang-tools | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-tools?distro=trusty | ubuntu | erlang-tools | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-toolbar?distro=trusty | ubuntu | erlang-toolbar | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-test-server?distro=xenial | ubuntu | erlang-test-server | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-test-server?distro=trusty | ubuntu | erlang-test-server | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-syntax-tools?distro=xenial | ubuntu | erlang-syntax-tools | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-syntax-tools?distro=trusty | ubuntu | erlang-syntax-tools | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-ssl?distro=xenial | ubuntu | erlang-ssl | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-ssl?distro=trusty | ubuntu | erlang-ssl | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-ssh?distro=xenial | ubuntu | erlang-ssh | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-ssh?distro=trusty | ubuntu | erlang-ssh | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-src?distro=xenial | ubuntu | erlang-src | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-src?distro=trusty | ubuntu | erlang-src | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-snmp?distro=xenial | ubuntu | erlang-snmp | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-snmp?distro=trusty | ubuntu | erlang-snmp | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-runtime-tools?distro=xenial | ubuntu | erlang-runtime-tools | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-runtime-tools?distro=trusty | ubuntu | erlang-runtime-tools | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-reltool?distro=xenial | ubuntu | erlang-reltool | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-reltool?distro=trusty | ubuntu | erlang-reltool | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-public-key?distro=xenial | ubuntu | erlang-public-key | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-public-key?distro=trusty | ubuntu | erlang-public-key | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-pman?distro=trusty | ubuntu | erlang-pman | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-percept?distro=xenial | ubuntu | erlang-percept | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-percept?distro=trusty | ubuntu | erlang-percept | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-parsetools?distro=xenial | ubuntu | erlang-parsetools | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-parsetools?distro=trusty | ubuntu | erlang-parsetools | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-os-mon?distro=xenial | ubuntu | erlang-os-mon | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-os-mon?distro=trusty | ubuntu | erlang-os-mon | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-odbc?distro=xenial | ubuntu | erlang-odbc | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-odbc?distro=trusty | ubuntu | erlang-odbc | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-observer?distro=xenial | ubuntu | erlang-observer | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-observer?distro=trusty | ubuntu | erlang-observer | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-nox?distro=xenial | ubuntu | erlang-nox | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-nox?distro=trusty | ubuntu | erlang-nox | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-mode?distro=xenial | ubuntu | erlang-mode | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-mode?distro=trusty | ubuntu | erlang-mode | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-mnesia?distro=xenial | ubuntu | erlang-mnesia | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-mnesia?distro=trusty | ubuntu | erlang-mnesia | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-megaco?distro=xenial | ubuntu | erlang-megaco | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-megaco?distro=trusty | ubuntu | erlang-megaco | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-manpages?distro=xenial | ubuntu | erlang-manpages | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-manpages?distro=trusty | ubuntu | erlang-manpages | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-jinterface?distro=xenial | ubuntu | erlang-jinterface | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-jinterface?distro=trusty | ubuntu | erlang-jinterface | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-inets?distro=xenial | ubuntu | erlang-inets | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-inets?distro=trusty | ubuntu | erlang-inets | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-ic?distro=xenial | ubuntu | erlang-ic | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-ic?distro=trusty | ubuntu | erlang-ic | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-ic-java?distro=xenial | ubuntu | erlang-ic-java | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-ic-java?distro=trusty | ubuntu | erlang-ic-java | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-gs?distro=xenial | ubuntu | erlang-gs | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-gs?distro=trusty | ubuntu | erlang-gs | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-examples?distro=xenial | ubuntu | erlang-examples | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-examples?distro=trusty | ubuntu | erlang-examples | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-eunit?distro=xenial | ubuntu | erlang-eunit | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-eunit?distro=trusty | ubuntu | erlang-eunit | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-et?distro=xenial | ubuntu | erlang-et | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-et?distro=trusty | ubuntu | erlang-et | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-erl-docgen?distro=xenial | ubuntu | erlang-erl-docgen | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-erl-docgen?distro=trusty | ubuntu | erlang-erl-docgen | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-eldap?distro=xenial | ubuntu | erlang-eldap | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-eldap?distro=trusty | ubuntu | erlang-eldap | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-edoc?distro=xenial | ubuntu | erlang-edoc | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-edoc?distro=trusty | ubuntu | erlang-edoc | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-doc?distro=xenial | ubuntu | erlang-doc | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-doc?distro=trusty | ubuntu | erlang-doc | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-diameter?distro=xenial | ubuntu | erlang-diameter | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-diameter?distro=trusty | ubuntu | erlang-diameter | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-dialyzer?distro=xenial | ubuntu | erlang-dialyzer | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-dialyzer?distro=trusty | ubuntu | erlang-dialyzer | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-dev?distro=xenial | ubuntu | erlang-dev | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-dev?distro=trusty | ubuntu | erlang-dev | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-debugger?distro=xenial | ubuntu | erlang-debugger | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-debugger?distro=trusty | ubuntu | erlang-debugger | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-crypto?distro=xenial | ubuntu | erlang-crypto | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-crypto?distro=trusty | ubuntu | erlang-crypto | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-corba?distro=xenial | ubuntu | erlang-corba | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-corba?distro=trusty | ubuntu | erlang-corba | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-common-test?distro=xenial | ubuntu | erlang-common-test | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-common-test?distro=trusty | ubuntu | erlang-common-test | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-base?distro=xenial | ubuntu | erlang-base | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-base?distro=trusty | ubuntu | erlang-base | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-base-hipe?distro=xenial | ubuntu | erlang-base-hipe | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-base-hipe?distro=trusty | ubuntu | erlang-base-hipe | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-asn1?distro=xenial | ubuntu | erlang-asn1 | < 18.3-dfsg-1ubuntu3.1 | xenial | ||
Affected | pkg:deb/ubuntu/erlang-asn1?distro=trusty | ubuntu | erlang-asn1 | < 16.b.3-dfsg-1ubuntu2.2 | trusty | ||
Affected | pkg:deb/ubuntu/erlang-appmon?distro=trusty | ubuntu | erlang-appmon | < 16.b.3-dfsg-1ubuntu2.2 | trusty |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |