VDB
GCVE-110-MAGEIA-2014-553
GCVE-110-MAGEIA-2014-553
Advisory Published
Updated erlang packages fixes security vulnerability:
An FTP command injection flaw was found in Erlang's FTP module. Several
functions in the FTP module do not properly sanitize the input before passing
it into a control socket. A local attacker can use this flaw to execute
arbitrary FTP commands on a system that uses this module (CVE-2014-1693).
This update also disables SSLv3 by default to mitigate the POODLE issue.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | erlang | 0 (affected), * (unaffected) | — |
Aliases
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.