CVE-2009-4427 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4427): Directory traversal vulnerability in cmd.php in phpLDAPadmin 1.1.0.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cmd parameter.
(In reply to comment #0) > CVE-2009-4427 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4427): > Directory traversal vulnerability in cmd.php in phpLDAPadmin 1.1.0.5 > allows remote attackers to include and execute arbitrary local files > via a .. (dot dot) in the cmd parameter. > The only version available in portage is phpldapadmin-1.2.0.4 , which does not suffer from this vulnerability
Indeed.