CRLF Injection Vulnerabilities in Erlang/OTP FTP Module
CVE-2014-1693

Currently unrated

Key Information:

Vendor

Erlang

Status
Erlang\/otp
Vendor
CVE Published:
8 December 2014

What is CVE-2014-1693?

The FTP module in Erlang/OTP R15B03 contains multiple vulnerabilities that allow context-dependent attackers to exploit CRLF injection. By inputting crafted CRLF sequences into various FTP commands, including user authentication and file management commands, an attacker can inject arbitrary commands. This could lead to unauthorized actions being executed on the FTP server, compromising the security of systems using this version of Erlang.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://usn.ubuntu.com/3571-1/
vendor-advisoryx_refsource_UBUNTU
https://bugzilla.redhat.com/show_bug.cgi?id=1059331
x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce...
vendor-advisoryx_refsource_FEDORA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.