Moodle 3.0.x < 3.0.7 Multiple Vulnerabilities

Medium Nessus Network Monitor Plugin ID 9836

Synopsis

The remote web server is hosting a web application that is vulnerable to multiple attack vectors.

Description

The remote web server hosts Moodle, an open-source course management system. Versions of Moodle 3.0.x prior to 3.0.7 are affected by mutliple vulnerabilities :

- A flaw exists when debugging is enabled that is triggered as error exceptions from web services may return too much information. This may allow a remote attacker to potentially disclose private data. (OSVDB 147285)
- A flaw exists in the question engine that may allow an authenticated remote attacker to download files embedded in questions from the system by guessing the URL of the file downloading it using the identifier of a question they are authorized to access. (OSVDB 147605)
- A flaw exists in an unspecified web service that may allow a non-administrative remote attacker to make changes to administrative information for other users. (OSVDB 147606)
- A flaw exists that is due to the program failing to properly perform capability checks on users who have site-wide permissions which were revoked within a specific course. This may allow an authenticated remote attacker to disclose course note information. (OSVDB 147607)

Solution

Upgrade to Moodle version 3.0.7 or later.

See Also

https://docs.moodle.org/dev/Moodle_3.0.7_release_notes

Plugin Details

Severity: Medium

ID: 9836

File Name: 9836.prm

Family: CGI

Published: 2016/12/16

Modified: 2016/12/16

Dependencies: 9398

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 6

Temporal Score: 5.2

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

CVSSv3

Base Score: 5

Temporal Score: 4.8

Vector: CVSS3#AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:moodle:moodle

Patch Publication Date: 2016/11/21

Vulnerability Publication Date: 2016/11/21

Reference Information

CVE: CVE-2016-8642, CVE-2016-8643, CVE-2016-8644

BID: 94441, 94457, 94458

OSVDB: 147285, 147605, 147606, 147607