Moodle 2.3.x < 2.3.10 / 2.4.x < 2.4.7 / 2.5.x < 2.5.3 Multiple Vulnerabilities

Critical Nessus Network Monitor Plugin ID 9419

Synopsis

The remote web server is hosting a web application that is vulnerable to multiple attack vectors.

Description

The remote web server hosts Moodle, an open-source course management system. Versions of Moodle 2.3.x prior to 2.3.10, 2.4.x prior to 2.4.7 or 2.5.x prior to 2.5.3 are exposed to the following vulnerabilities :

- A flaw exists that is due to the server delivering some files with incorrect headers, which can result in the files being improperly cached on the user's machine, potentially allowing a local attacker to gain access to them. (CVE-2013-4522)
- A flaw exists in the messaging functionality that allows a cross-site scripting (XSS) attack. This flaw exists because the application does not validate the message text upon submission to the 'message/lib.php' script. This may allow an attacker to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between the browser and the server. (CVE-2013-4523)
- A flaw exists in the 'repository/filesystem/lib.php' script in the file system repository that may result in attackers being granted read access to the entire file system, rather than just the Moodle file area. (CVE-2013-4524)
- A flaw exists that allows a cross-site scripting (XSS) attack. This flaw exists because the application does not validate input passed via quiz question answers upon submission to the 'mod/quiz/report/responses/responses_table.php' script. This may allow an attacker to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between the browser and the server. (CVE-2013-4525)

Solution

Upgrade to Moodle version 2.6 or later. If version 2.6.x cannot be obtained, versions 2.5.3, 2.4.7 and 2.3.10 are also patched for these issues.

See Also

https://docs.moodle.org/dev/Moodle_2.3.10_release_notes

https://docs.moodle.org/dev/Moodle_2.4.7_release_notes

https://docs.moodle.org/dev/Moodle_2.5.3_release_notes

Plugin Details

Severity: Critical

ID: 9419

File Name: 9419.prm

Family: CGI

Published: 2016/07/21

Modified: 2016/07/21

Dependencies: 8690

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:moodle:moodle

Patch Publication Date: 2013/11/04

Vulnerability Publication Date: 2013/10/18

Reference Information

CVE: CVE-2013-4522, CVE-2013-4523, CVE-2013-4524, CVE-2013-4525

BID: 63882, 63884, 63885, 63898