Moodle 2.1.x < 2.1.6 / 2.2.x < 2.2.3 Multiple Vulnerabilities
Medium Nessus Network Monitor Plugin ID 8715
SynopsisThe remote web server is hosting a web application that is vulnerable to multiple attack vectors.
DescriptionThe remote web server hosts Moodle, an open-source course management system. Versions of Moodle 2.1.x prior to 2.1.6, or 2.2.x prior to 2.2.3 are exposed to the following vulnerabilities :
- An information disclosure flaw that allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section. (MSA-12-0024 / CVE-2012-2353)
- A flaw that may lead to an unauthorized information disclosure. The issue is triggered by an error in the 'recent conversations' functionality, which may allow a remote attacker to gain access to other user's messages by manipulating URL parameters. (MSA-12-0025 / CVE-2012-2354)
- A permissions flaw that is triggered when the 'question:use' permissions are not properly checked when adding questions to a quiz. This may allow an attacker to add arbitrary questions to a quiz. (MSA-12-0026 / CVE-2012-2355)
- A flaw that is triggered by an error when handling access permissions in the question bank, which may allow a remote attacker to create arbitrary questions. (MSA-12-0027 / CVE-2012-2356)
- A page in the CAS Authentication process was using an insecure HTTP URL that, apart from being insecure, sent the user in circles. (MSA-12-0028 / CVE-2012-2357)
- A write access flaw that allows users to overwrite site-wide database activity presets created by other users. (MSA-12-0037 / CVE-2012-2366)
SolutionUpgrade to Moodle version 2.2.3. If your installation cannot be upgraded to 2.2.x, version 2.1.3 is also patched for these vulnerabilities.