CVE-2009-0542

ProFTPD Server <1.3.2rc2 - SQL Injection

Exploitation Summary

EIP tracks 2 public exploits for CVE-2009-0542. PoCs published by gat3way, AlpHaNiX.

AI-analyzed exploit summary: This writeup describes an SQL injection vulnerability in ProFTPD's SQL authentication mechanism. The exploit leverages improper handling of the '%' character to bypass authentication by injecting a malicious SQL query into the username field.

Description

SQL injection vulnerability in ProFTPD Server 1.3.1 through 1.3.2rc2 allows remote attackers to execute arbitrary SQL commands via a "%" (percent) character in the username, which introduces a "'" (single quote) character during variable substitution by mod_sql.

Exploits (2)

exploitdb WRITEUP VERIFIED
by gat3way · text · remote · multiple
https://www.exploit-db.com/exploits/8037

Classification: Writeup 90%
Attack Type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: ProFTPD (version not specified)
No auth needed
Prerequisites: ProFTPD with SQL authentication enabled
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by AlpHaNiX · perl · remote · multiple
https://www.exploit-db.com/exploits/32798

This exploit leverages an SQL injection vulnerability in ProFTPD with mod_mysql to bypass authentication. It allows an attacker to execute FTP commands such as listing, deleting, renaming files, and creating directories without valid credentials.

Classification: Working PoC 95%
Attack Type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: ProFTPD 1.3.1 through 1.3.2 rc 2
No auth needed
Prerequisites: ProFTPD with mod_mysql enabled · Network access to the target FTP server
devstral-2 · analyzed Feb 16, 2026

References (13)

Core References
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2009/dsa-1730
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/500833/100/0/threaded
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2009/02/11/5
Various Sources x_refsource_confirm
http://bugs.proftpd.org/show_bug.cgi?id=3180
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2009/02/11/3
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/34268
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2009:061
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/500852/100/0/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/500851/100/0/threaded
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2009/02/11/1
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200903-27.xml
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/8037
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/500823/100/0/threaded

Scores

EPSS 0.7473
EPSS Percentile 99.4%

Details

CWE: CWE-89
Status: published
Products (3)
proftpd_project/proftpd 1.3.1
proftpd_project/proftpd 1.3.2
proftpd_project/proftpd 1.3.2_rc2
Published Feb 12, 2009
Tracked Since Feb 18, 2026