ProFTPD Character Encoding SQL Injection Vulnerability(情報元のブックマーク数)
ProFTPDのユーザ認証でSQLを使っている場合にSQLインジェクションが発生する脆弱性が存在するとのこと。A=Aでとおっちゃうってことか?
ProFTPD is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
http://www.securityfocus.com/bid/33650/discuss
Exploiting this issue could allow an attacker to manipulate SQL queries, modify data, or exploit latent vulnerabilities in the underlying database. This may result in unauthorized access and a compromise of the application; other attacks are also possible.