oss-sec mailing list archives

Re: CVE request for proftpd

From: "Steven M. Christey" <coley () linus mitre org>
Date: Thu, 12 Feb 2009 10:45:25 -0500 (EST)


======================================================
Name: CVE-2009-0542
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0542
Reference: BUGTRAQ:20090210 Another SQL injection in ProFTPd with mod_mysql (probably postgres as well)
Reference: URL:http://www.securityfocus.com/archive/1/archive/1/500823/100/0/threaded
Reference: BUGTRAQ:20090210 ProFTPd with mod_mysql Authentication Bypass Exploit
Reference: URL:http://www.securityfocus.com/archive/1/archive/1/500851/100/0/threaded
Reference: BUGTRAQ:20090210 Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well)
Reference: URL:http://www.securityfocus.com/archive/1/archive/1/500833/100/0/threaded
Reference: BUGTRAQ:20090211 Re: Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well)
Reference: URL:http://www.securityfocus.com/archive/1/archive/1/500852/100/0/threaded
Reference: MILW0RM:8037
Reference: URL:http://www.milw0rm.com/exploits/8037
Reference: MLIST:[oss-security] 20090211 CVE request for proftpd
Reference: URL:http://www.openwall.com/lists/oss-security/2009/02/11/1
Reference: MLIST:[oss-security] 20090211 Re: CVE request for proftpd
Reference: URL:http://www.openwall.com/lists/oss-security/2009/02/11/5
Reference: MLIST:[oss-security] 20090211 Re: CVE request for proftpd
Reference: URL:http://www.openwall.com/lists/oss-security/2009/02/11/3
Reference: CONFIRM:http://bugs.proftpd.org/show_bug.cgi?id=3180

SQL injection vulnerability in ProFTPD Server 1.3.1 through 1.3.2rc2
allows remote attackers to execute arbitrary SQL commands via a "%"
(percent) character in the username, which introduces a "'" (single
quote) character during variable substitution by mod_sql.


======================================================
Name: CVE-2009-0543
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0543
Reference: MLIST:[oss-security] 20090211 CVE request for proftpd
Reference: URL:http://www.openwall.com/lists/oss-security/2009/02/11/4
Reference: MLIST:[oss-security] 20090211 Re: CVE request for proftpd
Reference: URL:http://www.openwall.com/lists/oss-security/2009/02/11/5
Reference: CONFIRM:http://bugs.proftpd.org/show_bug.cgi?id=3173

ProFTPD Server 1.3.1, with NLS support enabled, allows remote
attackers to bypass SQL injection protection mechanisms via invalid,
encoded multibyte characters, which are not properly handled in (1)
mod_sql_mysql and (2) mod_sql_postgres.

Current thread:

CVE request for proftpd Vincent Danen (Feb 11)
- Re: CVE request for proftpd TJ Saunders (Feb 11)
  - Re: CVE request for proftpd Vincent Danen (Feb 11)
  - Re: CVE request for proftpd Vincent Danen (Feb 11)
    - Re: CVE request for proftpd TJ Saunders (Feb 11)
    - Re: CVE request for proftpd Vincent Danen (Feb 11)
- Re: CVE request for proftpd Steven M. Christey (Feb 12)