Moodle < 2.5 / 2.5.x < 2.5.8 / 2.6.x < 2.6.5 / 2.7.x < 2.7.2 Multiple Vulnerabilities

Medium Nessus Network Monitor Plugin ID 8719

Synopsis

The remote web server is hosting a web application that is vulnerable to multiple attack vectors.

Description

The remote web server hosts Moodle, an open-source course management system. Versions of Moodle 2.5.x prior to 2.5.8, 2.6.x prior to 2.6.5, 2.7.x prior to 2.7.2, and all previous releases are exposed to the following vulnerabilities :

- A security bypass vulnerability affects the third-party library utilized by Moodle, phpCAS. Specifically, this is a flaw related to improper URL encoding in the back-channel ticket validation. With a specially crafted request, a remote attacker can bypass intended security constraints. (MSA-14-0033 / CVE-2014-4172)

- An information disclosure vulnerability affects the Q&amp;A forum. Specifically, this affects the script '/mod/forum/view.php' by allowing users who had not yet posted the required answer to see the name of the last person who had posted their answer. (MSA-14-0034 / CVE-2014-3617)

Solution

Upgrade to Moodle version 2.7.2. If your installation cannot be upgraded to 2.7.x, versions 2.6.5 and 2.5.8 are also patched for these vulnerabilities.

See Also

http://moodle.org/security

http://www.nessus.org/u?054c7704

https://moodle.org/mod/forum/discuss.php?d=269590

https://moodle.org/mod/forum/discuss.php?d=269591

Plugin Details

Severity: Medium

ID: 8719

Family: CGI

Published: 2015/04/20

Modified: 2016/01/21

Dependencies: 8690

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

CVSSv3

Base Score: 4.8

Temporal Score: 4.6

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Temporal Vector: CVSS3#E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:moodle:moodle

Patch Publication Date: 2014/09/08

Vulnerability Publication Date: 2014/09/15

Reference Information

CVE: CVE-2014-3617, CVE-2014-4172

BID: 69789, 69496