Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Moodle 1.9.x < 1.9.17 Multiple Vulnerabilities

Medium

Synopsis

The remote web server is hosting a web application that is vulnerable to multiple attack vectors.

Description

The remote web server hosts Moodle, an open-source course management system. Versions of Moodle 1.9.x prior to 1.9.17 are exposed to the following vulnerabilities :

- A flaw exists that may lead to an unauthorized information disclosure. The issue is triggered when handling permissions in the database activity module, which will disclose database entry information to a remote attacker. (CVE-2012-1155) - A flaw exists that may lead to an unauthorized information disclosure. The issue is triggered when input is passed to the 'repository/coursefiles/db/access.php', 'repository/filesystem/db/access.php', 'repository/local/db/access.php', and 'repository/webdav/db/access.php' scripts, which will disclose Repository information to a remote attacker. (CVE-2012-1157) - A flaw exists that may lead to an unauthorized information disclosure. The issue is triggered when permissions are incorrectly handled by the 'grade/export/grade_export_form.php' script in the 'definition()' function, which will disclose hidden grades to a remote attacker. (CVE-2012-1158) - A flaw exists that may lead to an unauthorized information disclosure. The issue is triggered when access permissions are handled incorrectly by the 'fill_table()' function in the 'grade/report/overview/lib.php' script when viewing the overview report, which will disclose hidden courses to a remote attacker. (CVE-2012-1159) - A flaw exists related to the 'mod/forum/index.php' script. This flaw may allow an attacker to subscribe to course forums that may otherwise be restricted. (CVE-2012-1160) - A flaw exists that may lead to an unauthorized information disclosure. The issue is triggered when input passed via the 'coursetag_get_tagged_courses()' function in the 'tag/coursetagslib.php' script is not properly verified before being used in a search, which will disclose a hidden course to a remote attacker. (CVE-2012-1161) - A flaw exists related to the 'core_user_update_users' function. An error in the function resets a password when updating users, which will allow an attacker to log in to a user's account with a blank password. (CVE-2012-1168) - A flaw exists that may lead to an unauthorized information disclosure. The issue is triggered when information passed via the 'load_for_user()' function is not properly sanitized upon submission to the 'lib/navigationlib.php' script, which will disclose a user's last name to a remote attacker. (CVE-2012-1169) - A flaw exists that may lead to an unauthorized information disclosure. The issue is triggered when info passed via the 'get_enrolled_users()' function in the 'enrol/externallib.php' script is not properly verified before being returned to the user, which will disclose enrolled users to a remote attacker. (CVE-2012-1170)

Solution

Upgrade to Moodle version 1.9.7 or later.