CVE-2009-0543 Information

Share on:

Feb 14, 2021 cve

Description

ProFTPD Server 1.3.1 with NLS support enabled allows remote attackers to bypass SQL injection protection mechanisms via invalid encoded multibyte characters which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres.

Reference

http://bugs.proftpd.org/show_bug.cgi?id=3173 http://secunia.com/advisories/34268 http://security.gentoo.org/glsa/glsa-200903-27.xml http://www.debian.org/security/2009/dsa-1730 http://www.mandriva.com/security/advisories?name=MDVSA-2009:061 http://www.openwall.com/lists/oss-security/2009/02/11/4 http://www.openwall.com/lists/oss-security/2009/02/11/5