VDB

GCVE-110-MAGEIA-2014-553

GCVE-110-MAGEIA-2014-553
Advisory Published
Vulnetix · Advisory published December 26, 2014
Updated erlang packages fixes security vulnerability: An FTP command injection flaw was found in Erlang's FTP module. Several functions in the FTP module do not properly sanitize the input before passing it into a control socket. A local attacker can use this flaw to execute arbitrary FTP commands on a system that uses this module (CVE-2014-1693). This update also disables SSLv3 by default to mitigate the POODLE issue.

Affected Products

VendorProductVersionsPlatforms
Mageiaerlang0 (affected), * (unaffected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›