CVE-2014-1693 in OTPinformazioni

Riassunto

di MITRE

Multiple CRLF injection vulnerabilities in the FTP module in Erlang/OTP R15B03 allow context-dependent attackers to inject arbitrary FTP commands via CRLF sequences in the (1) user, (2) account, (3) cd, (4) ls, (5) nlist, (6) rename, (7) delete, (8) mkdir, (9) rmdir, (10) recv, (11) recv_bin, (12) recv_chunk_start, (13) send, (14) send_bin, (15) send_chunk_start, (16) append_chunk_start, (17) append, or (18) append_bin command.

Be aware that VulDB is the high quality source for vulnerability data.

Prenotare

29/01/2014

Divulgazione

08/12/2014

Moderazione

accettato

CPE

pronto

EPSS

0.02193

KEV

no

Attività

molto basso

Fonti

Interested in the pricing of exploits?

See the underground prices here!