Lucene search
GoogleOSV:DSA-1965-1HistoryJan 06, 2010 - 12:00 a.m.
phpldapadmin - remote file inclusion
2010-01-0600:00:00
Google
osv.dev
12
EPSS
0.013
Percentile
86.3%
It was discovered that phpLDAPadmin, a web based interface for administering
LDAP servers, doesn’t sanitize an internal variable, which allows remote
attackers to include and execute arbitrary local files.
The oldstable distribution (etch) is not affected by this problem.
For the stable distribution (lenny), this problem has been fixed in version
1.1.0.5-6+lenny1.
For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in version
1.1.0.7-1.1
We recommend that you upgrade your phpldapadmin package.
References
Related
ubuntucve
ubuntucve
CVE-2009-4427
2009-12-28 00:00:00
openvas
openvas
phpldapadmin 'cmd.php' Local File Include Vulnerability
2009-12-15 00:00:00
phpldapadmin 'cmd.php' Local File Include Vulnerability
2009-12-15 00:00:00
Fedora Core 11 FEDORA-2009-13598 (phpldapadmin)
2009-12-30 00:00:00
prion
prion
Directory traversal
2009-12-28 19:00:00
exploitdb
exploitdb
phpLDAPadmin - Local File Inclusion
2009-12-10 00:00:00
cve
cve
CVE-2009-4427
2009-12-28 19:00:00
nessus
nessus
Debian DSA-1965-1 : phpldapadmin - missing input sanitising
2010-02-24 00:00:00
phpLDAPadmin cmd.php cmd Parameter Local File Inclusion
2009-12-23 00:00:00
cvelist
cvelist
CVE-2009-4427
2009-12-28 18:27:00
debiancve
debiancve
CVE-2009-4427
2009-12-28 19:00:00
securityvulns
securityvulns
debian
debian
[SECURITY] [DSA-1965-1] New phpldapadmin packages fix remote file inclusion
2010-01-06 18:28:57
nvd
nvd
CVE-2009-4427
2009-12-28 19:00:00
