Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Gentoo Linux: GLSA-200903-27 Normal: ProFTPD SQL Injection Threat

gentoo
Calendar Grey March 12, 2009
Dist Gentoo Esm H88
Gentoo Security Advisory GLSA 202010-35 brings attention to multiple security flaws in ProFTPD that could allow for potential SQL injection threats.
Two vulnerabilities in ProFTPD might allow for SQL injection attacks.

Summary

Gentoo Linux Security Advisory GLSA 200903-27 https://security.gentoo.org/ Severity: Normal Title: ProFTPD: Multiple vulnerabilities Date: March 12, 2009 Bugs: #258450 ID: 200903-27

Synopsis ======= Two vulnerabilities in ProFTPD might allow for SQL injection attacks.
Background ========= ProFTPD is an advanced and very configurable FTP server.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-ftp/proftpd < 1.3.2 >= 1.3.2
========== The following vulnerabilities were reported:
* Percent characters in the username are not properly handled, which introduces a single quote character during variable substitution by mod_sql (CVE-2009-0542).
* Some inv...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory security update remote attack SQL injection Gentoo Linux normal severity ProFTPD issue

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory security update remote attack SQL injection Gentoo Linux normal severity ProFTPD issue

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Related News

Your message here