Moodle Multiple Security Vulnerabilities
BID:51840
Info
Moodle Multiple Security Vulnerabilities
| Bugtraq ID: | 51840 |
| Class: | Unknown |
| CVE: |
CVE-2012-0795 CVE-2012-0794 CVE-2012-0793 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 17 2012 12:00AM |
| Updated: | Apr 13 2015 08:24PM |
| Credit: | Ruslan Kabalin, Mike Wilson, Stephen Overall, John Ehringer, Rajesh Taneja, Eloy Lafuente, Andrea Bicciolo, Michael de Raadt and James Snell |
| Vulnerable: |
Moodle Moodle 2.1.2 Moodle Moodle 2.1.1 Moodle Moodle 2.0.5 Moodle Moodle 2.0.4 Moodle Moodle 2.0.3 Moodle Moodle 2.0.2 Moodle Moodle 2.0.1 Moodle Moodle 2.0.1 Moodle Moodle 1.9.14 Moodle Moodle 1.9.13 Moodle Moodle 1.9.12 Moodle Moodle 1.9.11 Moodle Moodle 1.9.10 Moodle moodle 1.9.10 Moodle moodle 1.9.9 Moodle Moodle 1.9.9 Moodle Moodle 1.9.8 Moodle moodle 1.9.8 Moodle moodle 1.9.7 Moodle Moodle 1.9.7 Moodle Moodle 1.9.6 Moodle moodle 1.9.6 Moodle Moodle 1.9.5 Moodle Moodle 1.9.4 Moodle moodle 1.9.4 Moodle moodle 1.9.3 Moodle moodle 1.9.2 Moodle Moodle 1.9.1 Moodle Moodle 2.2 Moodle Moodle 2.1.3 Moodle Moodle 2.1 Moodle Moodle 2.0.6 Moodle Moodle 2.0 Moodle Moodle 1.9.3 Moodle Moodle 1.9.2 Moodle Moodle 1.9.15 Moodle Moodle 1.9 Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 |
| Not Vulnerable: | |
Discussion
Moodle Multiple Security Vulnerabilities
Moodle is prone to multiple security vulnerabilities including:
1. Multiple security-bypass vulnerabilities.
2. Multiple information-disclosure vulnerabilities.
Successful attacks can allow an attacker to obtain sensitive information and bypass certain security restrictions.
Moodle is prone to multiple security vulnerabilities including:
1. Multiple security-bypass vulnerabilities.
2. Multiple information-disclosure vulnerabilities.
Successful attacks can allow an attacker to obtain sensitive information and bypass certain security restrictions.
Solution / Fix
Moodle Multiple Security Vulnerabilities
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
Moodle Multiple Security Vulnerabilities
References:
References:
- Moodle Homepage (Moodle)
- MSA-12-0004: Added profile image security (Michael de Raadt)
- MSA-12-0010: Unauthorised access to session key (Michael de Raadt)
- MSA-12-0001: Recaptcha transmission consistency issue (Michael de Raadt)
- MSA-12-0002: Personal information leak (Michael de Raadt)
- MSA-12-0003: Added password protection (Michael de Raadt)
- MSA-12-0005: Encryption enhancement (Michael de Raadt)
- MSA-12-0006: Additional email address validation (Michael de Raadt)
- MSA-12-0011: Browser autofill password issue (Michael de Raadt)
- MSA-12-0012: Form validation issue (Michael de Raadt)