Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Moodle 2.0.x < 2.0.8 / 2.1.x < 2.1.5 / 2.2.x < 2.2.2 Multiple Vulnerabilities

Medium

Synopsis

The remote web server is hosting a web application that is vulnerable to multiple attack vectors.

Description

The remote web server hosts Moodle, an open-source course management system. Versions of Moodle 2.0.x prior to 2.0.8, 2.1.x prior to 2.1.26, or 2.2.x prior to 2.2.3 are exposed to the following vulnerabilities :

- A flaw exists that may lead to an unauthorized information disclosure. The issue is triggered when handling permissions in the database activity module, which will disclose database entry information to a remote attacker. (CVE-2012-1155) - A flaw exists that may lead to an unauthorized information disclosure. The issue is triggered when input is passed to the 'repository/coursefiles/db/access.php', 'repository/filesystem/db/access.php', 'repository/local/db/access.php', and 'repository/webdav/db/access.php' scripts, which will disclose Repository information to a remote attacker. (CVE-2012-1157) - A flaw exists that may lead to an unauthorized information disclosure. The issue is triggered when permissions are incorrectly handled by the 'grade/export/grade_export_form.php' script in the 'definition()' function, which will disclose hidden grades to a remote attacker. (CVE-2012-1158) - A flaw exists that may lead to an unauthorized information disclosure. The issue is triggered when access permissions are handled incorrectly by the 'fill_table()' function in the 'grade/report/overview/lib.php' script when viewing the overview report, which will disclose hidden courses to a remote attacker. (CVE-2012-1159) - A flaw exists related to the 'mod/forum/index.php' script. This flaw may allow an attacker to subscribe to course forums that may otherwise be restricted. (CVE-2012-1160) - A flaw exists that may lead to an unauthorized information disclosure. The issue is triggered when input passed via the 'coursetag_get_tagged_courses()' function in the 'tag/coursetagslib.php' script is not properly verified before being used in a search, which will disclose a hidden course to a remote attacker. (CVE-2012-1161) - A flaw exists related to the 'core_user_update_users' function. An error in the function resets a password when updating users, which will allow an attacker to log in to a user's account with a blank password. (CVE-2012-1168) - A flaw exists that may lead to an unauthorized information disclosure. The issue is triggered when information passed via the 'load_for_user()' function is not properly sanitized upon submission to the 'lib/navigationlib.php' script, which will disclose a user's last name to a remote attacker. (CVE-2012-1169) - A flaw exists that may lead to an unauthorized information disclosure. The issue is triggered when info passed via the 'get_enrolled_users()' function in the 'enrol/externallib.php' script is not properly verified before being returned to the user, which will disclose enrolled users to a remote attacker. (CVE-2012-1170)

Solution

Upgrade to Moodle version 2.2.2 or later. If version 2.2.x cannot be obtained, versions 2.1.5 and 2.0.8 are also patched for these vulnerabilities.