Multiple CRLF injection vulnerabilities in the FTP module in Erlang/OTP R15B03 allow context-dependent attackers to inject arbitrary FTP commands via CRLF sequences in the (1) user, (2) account, (3) cd, (4) ls, (5) nlist, (6) rename, (7) delete, (8) mkdir, (9) rmdir, (10) recv, (11) recv_bin, (12) recv_chunk_start, (13) send, (14) send_bin, (15) send_chunk_start, (16) append_chunk_start, (17) append, or (18) append_bin command.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2014-12-08T11:00:00

Updated: 2024-08-06T09:50:10.831Z

Reserved: 2014-01-29T00:00:00

Link: CVE-2014-1693

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-12-08T11:59:01.860

Modified: 2024-11-21T02:04:50.357

Link: CVE-2014-1693

cve-icon Redhat

No data.