I’ve mentioned this over in the #security channel in Slack, as well as via Twitter, but I think it’s worth mentioning here too. There is a known vulnerability in Erlang’s TCP distribution module that allows anyone with network access to an Erlang node (a VM started with a short or long name) to bring down the VM.
Further information can be found here:
TL;DR: you should only ever use TCP distribution on a closed network (but you already knew that)
BTW, the author also claims he can derive the cookie value, and therefore take complete control over the node. I remain skeptical about this claim, but in any case, the claim is only valid for auto-generated cookie values, which turn out to have very little entropy. So to be safe, always generate your own cookie values from a good source of randomness.