| Field | Value |
|---|---|
| VID | 16060 |
| Severity | 40 |
| Port | 21 |
| Protocol | TCP |
| Class | FTP |
| Detailed Description | ProFTPD is vulnerable to a SQL injection attack via its mod_sql module. ProFTPD is open-source FTP server software for Unix-based operating systems. ProFTPD versions 1.2.9rc1 and earlier that use the mod_sql module are vulnerable to SQL injection, which may allow a remote user to log in without a valid username and password. mod_sql is an authentication module for ProFTPD; its backend module mod_sql_postgres authenticates users by querying a PostgreSQL server to retrieve the username and password. mod_sql_postgres fails to properly escape the login string, so SQL code can be injected through the username supplied at login. By inserting arbitrary SQL code in the login, a remote attacker can gain unauthorized access without a valid username and password, and can also change the login id, gid and path assigned to the session. References: http://www.securiteam.com/unixfocus/5LP0E2KAAI.html. Platforms Affected: ProFTPD 1.2.9rc1 and earlier; Linux (any version); Unix (any version). |
| Recommendation | No vendor-supplied patch was available for this vulnerability as of June 2003. As a workaround, an unofficial patch can be obtained from the SecurityFocus website at http://www.securityfocus.com/bid/7974/solution/ . |
| Related URL | CVE-2003-0500 (CVE) |
| Related URL | 7974 (SecurityFocus) |
| Related URL | 12369 (ISS) |