CVE-2009-0543

Published: Feb 12, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

DSA-1730

vendor-advisory

x_refsource_DEBIAN

[oss-security] 20090211 Re: CVE request for proftpd

mailing-list

x_refsource_MLIST

34268

third-party-advisory

x_refsource_SECUNIA

MDVSA-2009:061

vendor-advisory

x_refsource_MANDRIVA

GLSA-200903-27

vendor-advisory

x_refsource_GENTOO

[oss-security] 20090211 CVE request for proftpd

mailing-list

x_refsource_MLIST

http://bugs.proftpd.org/show_bug.cgi?id=3173

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2009-0543

Description

Affected Products

References