[erlang-questions] 20171123 Patch Package: OTP 20.1.7

[erlang-questions] 20171123 Patch Package: OTP 19.3.6.4

[erlang-questions] 20171123 Patch Package: OTP 18.3.4.7

102197

RHSA-2018:0242

RHSA-2018:0303

RHSA-2018:0368

RHSA-2018:0528

[debian-lts-announce] 20171215 [SECURITY] [DLA 1207-1] erlang security update

https://robotattack.org/

USN-3571-1

DSA-4057

VU#144389

An update of the erlang package has been released.

The remote host is affected by an information disclosure vulnerability. The SSL/TLS service supports RSA key exchanges, and incorrectly leaks whether or not the RSA key exchange sent by a client was correctly formatted. This information can allow an attacker to decrypt previous SSL/TLS sessions or impersonate the server.

Note that this plugin does not attempt to recover an RSA ciphertext, however it sends a number of correct and malformed RSA ciphertexts as part of an SSL handshake and observes how the server responds.

This plugin attempts to discover the vulnerability in multiple ways, by not completing the handshake and by completing it incorrectly, as well as using a variety of cipher suites. Only the first method that finds the service to be vulnerable is reported.

This plugin requires report paranoia as some services will report as affected even though the issue is not exploitable.

It was discovered that the Erlang FTP module incorrectly handled certain CRLF sequences. A remote attacker could possibly use this issue to inject arbitrary FTP commands. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-1693)

It was discovered that Erlang incorrectly checked CBC padding bytes. A remote attacker could possibly use this issue to perform a padding oracle attack and decrypt traffic. This issue only affected Ubuntu 14.04 LTS. (CVE-2015-2774)

It was discovered that Erlang incorrectly handled certain regular expressions. A remote attacker could possibly use this issue to cause Erlang to crash, resulting in a denial of service, or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS.
(CVE-2016-10253)

Hanno Bock, Juraj Somorovsky and Craig Young discovered that the Erlang otp TLS server incorrectly handled error reporting. A remote attacker could possibly use this issue to perform a variation of the Bleichenbacher attack and decrypt traffic or sign messages.
(CVE-2017-1000385).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

- Ver. 19.3.6.4

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

An erlang TLS server configured with cipher suites using RSA key exchange, may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server's private key itself.

For Debian 7 'Wheezy', these problems have been fixed in version 15.b.1-dfsg-4+deb7u2.

We recommend that you upgrade your erlang packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for erlang fixes security issues and bugs.

The following vulnerabilities were addressed :

  - CVE-2017-1000385: Harden against the Bleichenbacher     attacher against RSA 

  - CVE-2016-10253: Heap overflow through regular     expressions (bsc#1030062)

In addition Erlang was updated to version 18.3.4.6, containing a number of upstream bug fixes and improvements.

It was discovered that the TLS server in Erlang is vulnerable to an adaptive chosen ciphertext attack against RSA keys.

ID	Name	Product	Family	Severity
137194	Photon OS 2.0: Erlang PHSA-2020-2.0-0251	Nessus	PhotonOS Local Security Checks	medium
105415	Return Of Bleichenbacher's Oracle Threat (ROBOT) Information Disclosure	Nessus	General	medium
106838	Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : erlang vulnerabilities (USN-3571-1) (ROBOT)	Nessus	Ubuntu Local Security Checks	critical
105939	Fedora 27 : erlang (2017-9e6df1e099) (ROBOT)	Nessus	Fedora Local Security Checks	medium
105325	Debian DLA-1207-1 : erlang security update (ROBOT)	Nessus	Debian Local Security Checks	medium
105241	openSUSE Security Update : erlang (openSUSE-2017-1358) (ROBOT)	Nessus	SuSE Local Security Checks	critical
105204	Fedora 26 : erlang (2017-93b6236635) (ROBOT)	Nessus	Fedora Local Security Checks	medium
105089	Debian DSA-4057-1 : erlang - security update (ROBOT)	Nessus	Debian Local Security Checks	medium

CVE-2017-1000385

medium

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

CVSS v3

Vulnerable Software

Configuration 1

Configuration 2

Tenable Plugins

medium

medium

critical

medium

medium

critical

medium

medium