Vulnerability Name:

CVE-2009-0543 (CCN-48558)

Assigned:2009-02-05
Published:2009-02-05
Updated:2009-06-09
Summary:ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-89
Vulnerability Consequences:Bypass Security
References:Source: CCN
Type: ProFTPd Bugzilla Bug 3173
Encoding-dependent SQL injection vulnerability

Source: CONFIRM
Type: UNKNOWN
http://bugs.proftpd.org/show_bug.cgi?id=3173

Source: MITRE
Type: CNA
CVE-2009-0543

Source: CCN
Type: SA33842
ProFTPD Multiple SQL Injection Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
34268

Source: GENTOO
Type: UNKNOWN
GLSA-200903-27

Source: DEBIAN
Type: UNKNOWN
DSA-1730

Source: DEBIAN
Type: DSA-1727
proftpd-dfsg -- SQL injection vulnerabilites

Source: DEBIAN
Type: DSA-1730
proftpd-dfsg -- SQL injection vulnerabilites

Source: CCN
Type: GLSA-200903-27
ProFTPD: Multiple vulnerabilities

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2009:061

Source: CCN
Type: oss-security Mailing List, Wed, 11 Feb 2009 12:16:02 -0700
Re: CVE request for proftpd

Source: MLIST
Type: UNKNOWN
[oss-security] 20090211 CVE request for proftpd

Source: CCN
Type: oss-security Mailing List, Wed, 11 Feb 2009 11:16:14 -0800
Re: CVE request for proftpd

Source: MLIST
Type: UNKNOWN
[oss-security] 20090211 Re: CVE request for proftpd

Source: CCN
Type: OSVDB ID: 51849
ProFTPD Character Encoding SQL Injection

Source: CCN
Type: OSVDB ID: 51954
ProFTPD Server NLS Support mod_sql_* Encoded Multibyte Character SQL Injection Protection Bypass

Source: CCN
Type: ProFTPD Web site
NEWS-1.3.1

Source: CCN
Type: BID-33650
ProFTPD Character Encoding SQL Injection Vulnerability

Source: XF
Type: UNKNOWN
proftpd-sql-injection-bypass(48558)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:proftpd:proftpd:1.3.1:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:proftpd:proftpd:1.3.1:*:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:113175
    P
    		proftpd-1.3.5b-2.5 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:106597
    P
    		proftpd-1.3.5b-2.5 on GA media (Moderate)
    2021-10-01
    oval:org.mitre.oval:def:12886
    P
    		DSA-1727-1 proftpd-dfsg -- SQL injection vulnerabilites
    2014-06-23
    oval:org.mitre.oval:def:13553
    P
    		DSA-1730-1 proftpd-dfsg -- SQL injection vulnerabilites
    2014-06-23
    oval:org.mitre.oval:def:7391
    P
    		DSA-1730 proftpd-dfsg -- SQL injection vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:7963
    P
    		DSA-1727 proftpd-dfsg -- SQL injection vulnerabilities
    2014-06-23
    oval:org.debian:def:1730
    V
    		SQL injection vulnerabilites
    2009-03-02
    oval:org.debian:def:1727
    V
    		SQL injection vulnerabilites
    2009-02-26
    BACK
    proftpd proftpd 1.3.1
    proftpd proftpd 1.3.1
    gentoo linux *
    mandrakesoft mandrake linux corporate server 3.0
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 3.0
    mandrakesoft mandrake linux 2008.0
    debian debian linux 4.0
    mandrakesoft mandrake linux 2008.0
    mandrakesoft mandrake linux 2008.1 x86_64
    mandrakesoft mandrake linux 2008.1
    mandriva linux 2009.0
    mandriva linux 2009.0 -
    debian debian linux 5.0