Moodle 2.7.x < 2.7.9 / 2.8.x < 2.8.7 / 2.9.x < 2.9.1 Multiple Vulnerabilities

Critical Nessus Network Monitor Plugin ID 8968

Synopsis

The remote web server is hosting a web application that is vulnerable to multiple attack vectors.

Description

Moodle, an open-source course management system, installed on the remote host is version 2.7.x prior to 2.7.9, 2.8.x prior to 2.8.7, or 2.9.x prior to 2.9.1, and is affected by multiple vulnerabilities :

- A flaw in the 'clean_param()' function in 'lib/moodlelib.php' that allows a cross-site redirection attack. This flaw exists because the application does not validate a certain parameter when generating error messages and allows a context-dependent attacker to create a specially crafted link that, if followed, would redirect a victim from the intended legitimate web site to an arbitrary web site of the attacker's choosing. (CVE-2015-3272)
- A flaw in the 'mod/forum/post.php' script that is due to missing capability checks allowing an unauthorized remote attacker to post on the forum. (CVE-2015-3273)
- A flaw that allows a stored cross-site scripting (XSS) attack. This flaw exists because the 'user_get_user_details()' function in the 'user/lib.php' script does not validate input to text profile fields before returning it to users allowing an authenticated remote attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server. (CVE-2015-3274)
- A flaw in the 'mod/scorm/prereqs.php' and 'mod/scorm/player.php' scripts that are triggered during the handling of the 'currentorg' parameter allowing a remote attacker to inject arbitrary JavaScript content. (CVE-2015-3275)

Solution

Upgrade to Moodle version 2.7.9, 2.8.7, or 2.9.1 or later.

See Also

https://docs.moodle.org/dev/Moodle_2.7.9_release_notes

https://docs.moodle.org/dev/Moodle_2.8.7_release_notes

https://docs.moodle.org/dev/Moodle_2.9.1_release_notes

Plugin Details

Severity: Critical

ID: 8968

Family: CGI

Published: 2015/10/07

Modified: 2018/09/16

Dependencies: 8690

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:moodle:moodle

Patch Publication Date: 2015/07/06

Vulnerability Publication Date: 2015/06/29

Reference Information

CVE: CVE-2015-3272, CVE-2015-3273, CVE-2015-3274, CVE-2015-3275

BID: 75711, 75713, 75714, 75716