N/A

Multiple CRLF injection vulnerabilities in the FTP module in Erlang/OTP R15B03 allow context-dependent attackers to inject arbitrary FTP commands via CRLF sequences in the (1) user, (2) account, (3) cd, (4) ls, (5) nlist, (6) rename, (7) delete, (8) mkdir, (9) rmdir, (10) recv, (11) recv_bin, (12) recv_chunk_start, (13) send, (14) send_bin, (15) send_chunk_start, (16) append_chunk_start, (17) append, or (18) append_bin command.

N/A

N/A

Erlang OTP CRLF注入漏洞

Erlang是英国软件开发者乔-阿姆斯特朗（Joe Armstrong）所研发的一种通用的并行程序设计语言。OTP是其开发的中间件，是一个应用操作系统和一堆函数库，用于构建大型、容错和分布式应用程序。 Erlang OTP R15B03版本的FTP模块中存在CRLF注入漏洞。攻击者可借助多个命令（user，account，cd，ls，nlist，rename，delete，mkdir，rmdir，recv，recv_bin，recv_chunk_start，send，send_bin，send_chunk

N/A

N/A