ProFTPD 'mod_sql' Username SQL Injection Vulnerability

ProFTPD 'mod_sql' Username SQL Injection Vulnerability

References:

mod_sql improperly substitutes variables in user/group names (TJ Saunders)
net-ftp/proftpd <1.3.2 Encoding-dependent SQL injection vulnerability (Alessandro Calorì)
ProFTPD Homepage (ProFTPD)
proftpd: SQL injection during login (Vincent Danen)
Re: CVE request for proftpd (TJ Saunders)
Re: CVE request for proftpd (TJ Saunders)
SQL injection vulnerability (Shino)
Another SQL injection in ProFTPd with mod_mysql (probably postgres as well) (gat3way@gat3way.eu)
ProFTPd with mod_mysql Authentication Bypass Exploit (alphanix00@gmail.com)
Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well) (Shino )
Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well) (Sergio Aguayo )
Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well) (Daniel Mayer )
Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well) (Edward_Bjarte_Fjellsk )
Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well) (Benjamin Milde )
Re: Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as w (gat3way@gat3way.eu)

Privacy Statement
Copyright 2010, SecurityFocus