Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Moodle 2.7.x < 2.7.10 / 2.8.x < 2.8.8 / 2.9.x < 2.9.2 Multiple Vulnerabilities

High

Synopsis

The remote web server is hosting a web application that is vulnerable to multiple attack vectors.

Description

Moodle, an open-source course management system, installed on the remote host is version 2.7.x prior to 2.7.10, 2.8.x prior to 2.8.8, or 2.9.x prior to 2.9.2, and is affected by multiple vulnerabilities :

- A flaw due to the program failing to restrict users properly allowing an authenticated remote attacker to delete arbitrary files uploaded from other users. (CVE-2015-5265) - A race condition in the 'enrol/meta/locallib.php' script that can allow suspended students to get assigned a manager role in meta course for several minutes allowing an authenticated remote attacker to gain elevated privileges. (CVE-2015-5266) - A flaw in the 'complex_random_string()' function in the 'lib/moodlelib.php' script that is due to the limitation of PHP randomization. This can cause the program to create predictable password recovery tokens. (CVE-2015-5267) - A flaw in the lesson module that is due to the program failing to protect against making new attempts to answer some questions allowing an authenticated remote attacker to re-attempt answering questions in the lesson. (CVE-2015-5264) - A flaw in the rating component that is due to the program failing to check separate groups allowing an authenticated remote attacker to view ratings from other groups. (CVE-2015-5268) - A flaw that allows a stored cross-site scripting (XSS) attack. This flaw exists because the 'group/overview.php' script does not validate input to grouping descriptions before returning it to users. This may allow an authenticated, remote attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server. (CVE-2015-5269) - A flaw due to the program failing to check group access when posting to 'all participants' in forum allowing a remote attacker to bypass access restrictions and post to arbitrary locations. (CVE-2015-5272)

Solution

Upgrade to Moodle version 2.7.10, 2.8.8, or 2.9.2 or later.