Computer Security
[EN] securityvulns.ru no-pyccku


Erlang CRLF injection
Published:13.04.2015
Source:
SecurityVulns ID:14381
Type:library
Threat Level:
5/10
Description:CRLF injection in FTP commands.
CVE:CVE-2014-1693 (Multiple CRLF injection vulnerabilities in the FTP module in Erlang/OTP R15B03 allow context-dependent attackers to inject arbitrary FTP commands via CRLF sequences in the (1) user, (2) account, (3) cd, (4) ls, (5) nlist, (6) rename, (7) delete, (8) mkdir, (9) rmdir, (10) recv, (11) recv_bin, (12) recv_chunk_start, (13) send, (14) send_bin, (15) send_chunk_start, (16) append_chunk_start, (17) append, or (18) append_bin command.)
Original documentdocumentMANDRIVA, [ MDVSA-2015:174 ] erlang (13.04.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod