Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Moodle 1.9.x < 1.9.19 DoS

Medium

Synopsis

The remote web server is hosting a web application that is vulnerable to a Denial of Service (DoS) attack vector.

Description

The remote web server hosts Moodle, an open-source course management system. Versions of Moodle 1.9.x prior to 1.9.19 are exposed to a flaw that may allow a remote denial of service. The issue is triggered when searching database activities, which will cause an exhaustion of CPU resources. This will result in loss of availability for the program and the system. (CVE-2012-3398)

Solution

Upgrade to Moodle version 1.9.19 or later.