1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
#! /bin/sh /usr/share/dpatch/dpatch-run
## CVE-2011-4074.dpatch by Deon George <wurley@users.sf.net>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Remove XSS vulnerabilty in debug code
## DP: http://phpldapadmin.git.sourceforge.net/git/gitweb.cgi?p=phpldapadmin%2Fphpldapadmin;a=commitdiff_plain;h=64668e882b8866fae0fa1b25375d1a2f3b4672e2
@DPATCH@
diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' phpldapadmin-1.1.0.5~/htdocs/cmd.php phpldapadmin-1.1.0.5/htdocs/cmd.php
--- phpldapadmin-1.1.0.5~/htdocs/cmd.php 2011-10-27 11:27:19.000000000 +0100
+++ phpldapadmin-1.1.0.5/htdocs/cmd.php 2011-10-27 11:27:37.000000000 +0100
@@ -14,10 +14,6 @@
$file = '';
switch ($www['cmd']) {
- case '_debug' :
- debug_dump($_REQUEST,1);
- break;
-
default :
if (defined('HOOKSDIR') && file_exists(HOOKSDIR.$www['cmd'].'.php'))
$file = HOOKSDIR.$www['cmd'].'.php';
|
