Gentoo Linux Security Advisory 200911-6 – An input sanitation error in PEAR Net_Traceroute might allow remote attackers to execute arbitrary commands. Pasquale Imperato reported that the $host parameter to the traceroute() function in Traceroute.php is not properly sanitized before being passed to exec(). Versions less than 0.21.2 are affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/83265/glsa-200911-06.txt
Source: https://packetstormsecurity.com/files/83265/Gentoo-Linux-Security-Advisory-200911-6.html