CVE-2014-1693
Description
Multiple CRLF injection vulnerabilities in the FTP module in Erlang/OTP R15B03 allow context-dependent attackers to inject arbitrary FTP commands via CRLF sequences in the (1) user, (2) account, (3) cd, (4) ls, (5) nlist, (6) rename, (7) delete, (8) mkdir, (9) rmdir, (10) recv, (11) recv_bin, (12) recv_chunk_start, (13) send, (14) send_bin, (15) send_chunk_start, (16) append_chunk_start, (17) append, or (18) append_bin command.
Risk Information
Base Score
8.2
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
EPSS Score
Exploitation Probability
0.588
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Concurrent, real-time, distributed functional language (USN-3571-1) erlang_18.3-dfsg-1ubuntu3.1_all.deb | Linux |
| Concurrent, real-time, distributed functional language (USN-3571-1) erlang_16.b.3-dfsg-1ubuntu2.2_all.deb | Linux |
| Concurrent, real-time, distributed functional language (USN-3571-1) erlang_20.0.4+dfsg-1ubuntu1.1_all.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234