FreeBSD : moodle -- multiple vulnerabilities (f6565fbf-ab9e-11e6-ae1b-002590263bf5)
Medium Nessus Plugin ID 94905
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionMarina Glancy reports :
- MSA-16-0023: Question engine allows access to files that should not be available
- MSA-16-0024: Non-admin site managers may accidentally edit admins via web services
- MSA-16-0025: Capability to view course notes is checked in the wrong context
- MSA-16-0026: When debugging is enabled, error exceptions returned from webservices could contain private data
SolutionUpdate the affected packages.