Moodle < 2.4 / 2.4.x < 2.4.10 / 2.5.x < 2.5.6 / 2.6.x < 2.6.3 Multiple Vulnerabilities

Medium Nessus Network Monitor Plugin ID 8716

Synopsis

The remote web server is hosting a web application that is vulnerable to multiple attack vectors.

Description

The remote web server hosts Moodle, an open-source course management system. Versions of Moodle 2.4.x prior to 2.4.10, 2.5.x prior to 2.5.6, 2.6.x prior to 2.6.3, and all previous releases are exposed to the following vulnerabilities :

- A cross-site request forgery (CSRF) vulnerability affects the quick-grading function. Session checking was not being performed correctly in Assignment's quick-grading, allowing forged requests to be made unknowingly by authenticated users. (MSA-14-0014 / CVE-2014-0213)

- A security bypass weakness affects session Token expiration in MoodleMobile. Tokens created automatically in 'login/token.php' are valid forever. (MSA-14-0015 / CVE-2014-0214)

- An information disclosure flaw which exposes student details through the use of a screen reader or viewing the HTML source code. (MSA-14-0016 / CVE-2014-0215)

- An authorization bypass vulnerability exists because it fails to restrict access to the files linked in HTML blocks on 'My Home' page. Successful exploits will allow attackers to gain unauthorized access to these files. (MSA-14-0017 / CVE-2014-0216)

- An information disclosure flaw that may allow a remote attacker to gain access to the details of hidden courses on enrollment pages via URL manipulation. (MSA-14-0018 / CVE-2014-0217)

- A reflected cross-site scripting (XSS) vulnerability affects the URL downloader repository due to a lack of filtering. (MSA-14-0019 / CVE-2014-0218)

Solution

Upgrade to Moodle version 2.7. If your installation cannot be upgraded to 2.7.x, versions 2.6.3, 2.5.6 and 2.4.10 are also patched for these vulnerabilities.

See Also

http://moodle.org/security

http://www.nessus.org/u?9542d845

http://www.nessus.org/u?5a6759c3

http://www.nessus.org/u?6e8ae8f4

http://openwall.com/lists/oss-security/2014/05/19/1

Plugin Details

Severity: Medium

ID: 8716

Family: CGI

Published: 2015/04/20

Modified: 2016/01/19

Dependencies: 8690

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 6.8

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

CVSSv3

Base Score: 5.6

Temporal Score: 5.4

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:moodle:moodle

Patch Publication Date: 2014/05/12

Vulnerability Publication Date: 2014/05/19

Reference Information

CVE: CVE-2014-0213, CVE-2014-0214, CVE-2014-0215, CVE-2014-0216, CVE-2014-0217, CVE-2014-0218

BID: 67477, 67478, 67476, 67475, 67480, 67479