MGASA-2014-0553

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2014-0553.html

Import Source

https://advisories.mageia.org/MGASA-2014-0553.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2014-0553

Related

CVE-2014-1693

Published

2014-12-26T17:04:58Z

Modified

2014-12-26T16:57:04Z

Summary

Updated erlang packages fix security vulnerabilities

Details

Updated erlang packages fixes security vulnerability:

An FTP command injection flaw was found in Erlang's FTP module. Several functions in the FTP module do not properly sanitize the input before passing it into a control socket. A local attacker can use this flaw to execute arbitrary FTP commands on a system that uses this module (CVE-2014-1693).

This update also disables SSLv3 by default to mitigate the POODLE issue.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:4 / erlang

Package

Name: erlang
Purl: pkg:rpm/mageia/erlang?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

R16B02-2.1.mga4

Ecosystem specific

{
    "section": "core"
}