Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.843449 |
Kategorie: | Ubuntu Local Security Checks |
Titel: | Ubuntu Update for erlang USN-3571-1 |
Zusammenfassung: | The remote host is missing an update for the 'erlang'; package(s) announced via the referenced advisory. |
Beschreibung: | Summary: The remote host is missing an update for the 'erlang' package(s) announced via the referenced advisory. Vulnerability Insight: It was discovered that the Erlang FTP module incorrectly handled certain CRLF sequences. A remote attacker could possibly use this issue to inject arbitrary FTP commands. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-1693) It was discovered that Erlang incorrectly checked CBC padding bytes. A remote attacker could possibly use this issue to perform a padding oracle attack and decrypt traffic. This issue only affected Ubuntu 14.04 LTS. (CVE-2015-2774) It was discovered that Erlang incorrectly handled certain regular expressions. A remote attacker could possibly use this issue to cause Erlang to crash, resulting in a denial of service, or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-10253) Hanno Bck, Juraj Somorovsky and Craig Young discovered that the Erlang otp TLS server incorrectly handled error reporting. A remote attacker could possibly use this issue to perform a variation of the Bleichenbacher attack and decrypt traffic or sign messages. (CVE-2017-1000385) Affected Software/OS: erlang on Ubuntu 17.10, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS Solution: Please Install the Updated Packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2014-1693 http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145017.html http://www.mandriva.com/security/advisories?name=MDVSA-2015:174 http://seclists.org/oss-sec/2014/q1/163 https://usn.ubuntu.com/3571-1/ Common Vulnerability Exposure (CVE) ID: CVE-2015-2774 BugTraq ID: 73398 http://www.securityfocus.com/bid/73398 https://www.imperialviolet.org/2014/12/08/poodleagain.html http://openwall.com/lists/oss-security/2015/03/27/6 http://openwall.com/lists/oss-security/2015/03/27/9 SuSE Security Announcement: openSUSE-SU-2016:0523 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-02/msg00124.html |
Copyright | Copyright (C) 2018 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |