Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded Erlang cookie for ejabberd replication. An attacker can use the cookie to attach to an Erlang node and run OS level commands on the system running the Erlang node. There are cases where the magic cookie is included in the content of the logs. Communication between Erlang nodes is done by exchanging a shared secret (aka "magic cookie"). An attacker can send a crafted HTTP request to read arbitrary files, if httpd in the inets application is used.Įxposed Erlang Cookie could lead to Remote Command Execution (RCE) attack.
The ssl application 10.2 accepts and trusts an invalid X.509 certificate chain to a trusted root Certification Authority.Įrlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Directory Traversal.
This can occur only under specific conditions on Windows with unsafe filesystem permissions.Īn issue was discovered in Erlang/OTP before 23.2.2.
By adding files to an existing installation's directory, a local attacker could hijack accounts of other users running Erlang programs or possibly coerce a service running with "erlsrv.exe" to execute arbitrary code as Local System. File: debian_DSA-2033.A local privilege escalation vulnerability was discovered in Erlang/OTP prior to version 23.2.3.
Name: The remote Debian host is missing a security-related update. Name: The remote FreeBSD host is missing a security-related update. Name: The remote Fedora host is missing a security update. Name: The remote Gentoo host is missing one or more security-related patches. Name: The remote Red Hat host is missing a security update.
Name: The remote Mandriva Linux host is missing one or more security updates.
Name: The remote Solaris system is missing a security patch for third-party software. Name: The remote Debian host is missing a security update.
The TLS driver in ejabberd before 2.1.12 supports (1) SSLv2 and (2) weak SSL ciphers, which makes it easier for remote attackers to obtain sensitive information via a brute-force attack.Įxpat_erl.c in ejabberd before 2.1.7 and 3.x before 3.0.0-alpha-3, and exmpp before 0.9.7, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.Įjabberd_c2s.erl in ejabberd before 2.1.3 allows remote attackers to cause a denial of service (daemon crash) via a large number of c2s (aka client2server) messages that trigger a queue overload. Ejabberd before 2.1.13 does not enforce the starttls_required setting when compression is used, which causes clients to establish connections without encryption.