FreeBSD : moodle -- multiple vulnerabilities (82b3ca2a-8c07-11e5-bd18-002590263bf5)

High Nessus Plugin ID 86879


The remote FreeBSD host is missing one or more security-related updates.


Moodle Release Notes report :

MSA-15-0037 Possible to send a message to a user who blocked messages from non contacts

MSA-15-0038 DDoS possibility in Atto

MSA-15-0039 CSRF in site registration form

MSA-15-0040 Student XSS in survey

MSA-15-0041 XSS in flash video player

MSA-15-0042 CSRF in lesson login form

MSA-15-0043 Web service core_enrol_get_enrolled_users does not respect course group mode

MSA-15-0044 Capability to view available badges is not respected

MSA-15-0045 SCORM module allows to bypass access restrictions based on date

MSA-15-0046 Choice module closing date can be bypassed


Update the affected packages.

See Also

Plugin Details

Severity: High

ID: 86879

File Name: freebsd_pkg_82b3ca2a8c0711e5bd18002590263bf5.nasl

Version: $Revision: 2.2 $

Type: local

Published: 2015/11/16

Modified: 2015/12/21

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:moodle27, p-cpe:/a:freebsd:freebsd:moodle28, p-cpe:/a:freebsd:freebsd:moodle29, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2015/11/16

Vulnerability Publication Date: 2015/11/09