PT-2014-4296 · Erlang+1 · Erlang/Otp+1

Published 2014-12-08 · Updated 2018-03-16 · CVE-2014-1693

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Erlang/OTP version R15B03

Description

The issue allows context-dependent attackers to inject arbitrary FTP commands via CRLF sequences in various commands, including user, account, cd, ls, nlist, rename, delete, mkdir, rmdir, recv, recv_bin, recv_chunk_start, send, send_bin, send_chunk_start, append_chunk_start, append, and append_bin.

Recommendations

For Erlang/OTP version R15B03, consider disabling the FTP module until a patch is available to prevent exploitation. Restrict access to the vulnerable commands to minimize the risk of arbitrary FTP command injection. Avoid using the affected commands in the FTP module until the issue is resolved.


Related identifiers

CVE-2014-1693
MGASA-2014-0553
USN-3571-1

Affected products

Erlang/Otp
Ubuntu