Moodle < 2.5 / 2.5.x < 2.5.8 / 2.6.x < 2.6.5 / 2.7.x < 2.7.2 Multiple Vulnerabilities
Medium Nessus Network Monitor Plugin ID 8719
SynopsisThe remote web server is hosting a web application that is vulnerable to multiple attack vectors.
DescriptionThe remote web server hosts Moodle, an open-source course management system. Versions of Moodle 2.5.x prior to 2.5.8, 2.6.x prior to 2.6.5, 2.7.x prior to 2.7.2, and all previous releases are exposed to the following vulnerabilities :
- A security bypass vulnerability affects the third-party library utilized by Moodle, phpCAS. Specifically, this is a flaw related to improper URL encoding in the back-channel ticket validation. With a specially crafted request, a remote attacker can bypass intended security constraints. (MSA-14-0033 / CVE-2014-4172)
- An information disclosure vulnerability affects the Q&A forum. Specifically, this affects the script '/mod/forum/view.php' by allowing users who had not yet posted the required answer to see the name of the last person who had posted their answer. (MSA-14-0034 / CVE-2014-3617)
SolutionUpgrade to Moodle version 2.7.2. If your installation cannot be upgraded to 2.7.x, versions 2.6.5 and 2.5.8 are also patched for these vulnerabilities.