admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2014/CVE-2014-16xx/CVE-2014-1693.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

131 lines
4.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2014-1693",
"sourceIdentifier": "cve@mitre.org",
"published": "2014-12-08T11:59:01.860",
"lastModified": "2024-11-21T02:04:50.357",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple CRLF injection vulnerabilities in the FTP module in Erlang/OTP R15B03 allow context-dependent attackers to inject arbitrary FTP commands via CRLF sequences in the (1) user, (2) account, (3) cd, (4) ls, (5) nlist, (6) rename, (7) delete, (8) mkdir, (9) rmdir, (10) recv, (11) recv_bin, (12) recv_chunk_start, (13) send, (14) send_bin, (15) send_chunk_start, (16) append_chunk_start, (17) append, or (18) append_bin command."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n CRLF en el m\u00f3dulo FTP en Erlang/OTP R15B03 permiten a atacantes dependientes de contexto inyectar comandos FTP arbitrarios a trav\u00e9s de secuencias CRLF en el comando (1) user, (2) account, (3) cd, (4) ls, (5) nlist, (6) rename, (7) delete, (8) mkdir, (9) rmdir, (10) recv, (11) recv_bin, (12) recv_chunk_start, (13) send, (14) send_bin, (15) send_chunk_start, (16) append_chunk_start, (17) append, o (18) append_bin."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:erlang:erlang\\/otp:r15b03:*:*:*:*:*:*:*",
"matchCriteriaId": "E602B5A2-5C32-456D-90F1-9BDCADA56A53"
}
]
}
]
}
],
"references": [
{
"url": "http://advisories.mageia.org/MGASA-2014-0553.html",
"source": "cve@mitre.org"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145017.html",
"source": "cve@mitre.org"
},
{
"url": "http://seclists.org/oss-sec/2014/q1/163",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:174",
"source": "cve@mitre.org"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1059331",
"source": "cve@mitre.org"
},
{
"url": "https://usn.ubuntu.com/3571-1/",
"source": "cve@mitre.org"
},
{
"url": "http://advisories.mageia.org/MGASA-2014-0553.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145017.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://seclists.org/oss-sec/2014/q1/163",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
]
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:174",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1059331",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://usn.ubuntu.com/3571-1/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
],
"evaluatorComment": "<a href=\"http://cwe.mitre.org/data/definitions/93.html\" target=\"_blank\">CWE-93: CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection')</a>"
}
Reference in New Issue View Git Blame Copy Permalink