FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

proftpd -- multiple sql injection vulnerabilities

Affected packages
proftpd < 1.3.2
proftpd-mysql < 1.3.2
proftpd-devel <= 1.3.20080922

Details

VuXML ID ca0841ff-1254-11de-a964-0030843d3802
Discovery 2009-02-06
Entry 2009-03-16

Secunia reports:

Some vulnerabilities have been reported in ProFTPD, which can be exploited by malicious people to conduct SQL injection attacks.

The application improperly sets the character encoding prior to performing SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code in an environment using a multi-byte character encoding.

An error exists in the "mod_sql" module when processing e.g. user names containing '%' characters. This can be exploited to bypass input sanitation routines and manipulate SQL queries by injecting arbitrary SQL code.
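The two failure modes Secunia describes are both cases of escaping that is correct for the text the escaper thinks it is handling but wrong for the text the database actually parses. The Python model below is an added, constructed illustration and is not ProFTPD code: the `SPECIALS` table is a subset of what a MySQL-style backslash escaper rewrites, the `%u`/`%h` tag names and the `TEMPLATE` query are hypothetical, and the rule that an unknown `%` tag is dropped together with the character after it is an assumption chosen to reproduce the effect the advisory describes (the real mod_sql behaviour is in the referenced bug reports). The one fact it relies on is a property of GBK: the byte pair `0xBF 0x5C` decodes as a single two-byte character, so a backslash inserted after a lone `0xBF` lead byte is swallowed and the quote behind it goes unescaped.

```python
"""Model of the two mod_sql escaping failures described in the advisory.

Constructed example for illustration, not ProFTPD code. The tag-substitution
semantics below (an unknown '%x' tag is dropped together with its trailing
character) are an assumption chosen to reproduce the effect the advisory
describes; the real mod_sql behaviour is documented in the referenced bugs.
"""

# Characters a MySQL-style backslash escaper rewrites (subset, for illustration).
SPECIALS = {0x00: "\\0", 0x27: "\\'", 0x22: '\\"', 0x5C: "\\\\"}


def escape_text(text: str) -> str:
    """Character-level backslash escaping of an already-decoded string."""
    return "".join(SPECIALS.get(ord(ch), ch) for ch in text)


def count_unescaped(text: str) -> int:
    """Single quotes a server would see as unescaped (a backslash protects
    exactly the one character that follows it)."""
    count, i = 0, 0
    while i < len(text):
        if text[i] == "\\":
            i += 2
            continue
        if text[i] == "'":
            count += 1
        i += 1
    return count


# ---- Issue 1: escaping done without knowing the connection charset ----------

def escape_bytes_naive(data: bytes) -> bytes:
    """Byte-oriented escaping, i.e. what an escaper assuming a single-byte
    charset does: it backslashes every special byte and does not know that
    0xBF may be the lead byte of a two-byte GBK character."""
    return b"".join(
        SPECIALS[b].encode("ascii") if b in SPECIALS else bytes([b]) for b in data
    )


def escape_with_charset(data: bytes, charset: str) -> bytes:
    """Charset-aware escaping: decode under the *connection* charset first.
    A dangling lead byte (0xBF directly followed by a quote) is then rejected
    with UnicodeDecodeError instead of being passed through."""
    return escape_text(data.decode(charset)).encode(charset)


def stray_quotes(escaped: bytes, charset: str) -> int:
    """Unescaped quotes the server sees when it decodes `escaped` as `charset`."""
    return count_unescaped(escaped.decode(charset, errors="replace"))


# Constructed attacker input: GBK lead byte 0xBF immediately followed by a quote.
PAYLOAD_GBK = b"\xbf' OR '1'='1"
# Constructed legitimate GBK user name that happens to contain a quote.
LEGIT_GBK = "用户'x".encode("gbk")


# ---- Issue 2: '%' tag expansion run over already-escaped data ---------------

TEMPLATE = "SELECT userid FROM users WHERE userid='%u' AND host='%h'"  # hypothetical


def resolve_tags(query: str, values: dict) -> str:
    """Single-pass '%' tag substitution. Substituted values are appended as-is
    and never rescanned. Unknown tags vanish with their trailing character
    (assumed behaviour, see module docstring)."""
    out, i = [], 0
    while i < len(query):
        if query[i] == "%" and i + 1 < len(query):
            tag = query[i + 1]
            if tag in values:
                out.append(values[tag])
            i += 2
            continue
        out.append(query[i])
        i += 1
    return "".join(out)


def build_query_vulnerable(user: str, host: str) -> str:
    """Escape, splice the escaped user name into the template, THEN run tag
    resolution over the whole string: a '%' in the user data eats the
    escaping backslash that follows it, leaving the quote bare."""
    assembled = TEMPLATE.replace("%u", escape_text(user))
    return resolve_tags(assembled, {"h": escape_text(host)})


def build_query_hardened(user: str, host: str) -> str:
    """Resolve tags exactly once, supplying escaped values that the resolver
    inserts without rescanning. (A parameterised query would be better still.)"""
    return resolve_tags(TEMPLATE, {"u": escape_text(user), "h": escape_text(host)})


if __name__ == "__main__":
    naive = escape_bytes_naive(PAYLOAD_GBK)
    print("naive escape, server in latin1 -> stray quotes:", stray_quotes(naive, "latin1"))
    print("naive escape, server in gbk    -> stray quotes:", stray_quotes(naive, "gbk"))
    print("same bytes decoded as gbk:", naive.decode("gbk", errors="replace"))
    try:
        escape_with_charset(PAYLOAD_GBK, "gbk")
    except UnicodeDecodeError as exc:
        print("charset-aware escaper rejects the payload:", exc.reason)
    print("vulnerable:", build_query_vulnerable("%' OR '1'='1", "10.0.0.5"))
    print("hardened:  ", build_query_hardened("%' OR '1'='1", "10.0.0.5"))
```

Two things to take from the model: the same escaped bytes are harmless when the server decodes them as latin1 and carry a bare quote when it decodes them as GBK, so the fix for the first issue is to tell the escaper which charset the connection uses (or reject input that is not valid in it), not to escape harder; and for the second issue the fix is ordering, never running any substitution pass over text that already contains escaped user data. Bound parameters sidestep both problems because user data never becomes part of the statement text at all.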

References

CVE Name CVE-2009-0542
CVE Name CVE-2009-0543
URL http://bugs.proftpd.org/show_bug.cgi?id=3124
URL http://bugs.proftpd.org/show_bug.cgi?id=3173
URL http://milw0rm.com/exploits/8037
URL http://secunia.com/advisories/33842/