CVE-2009-0543

EPSS 0.50%

Published: 2/12/2009Modified: 4/28/2026

Also known as:DEBIAN-CVE-2009-0543

Description

ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres.

Affected packages (1)

Debian/proftpd-dfsgfrom 0, < 1.3.2-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-0543