SB2012092404 - Fedora EPEL 5 update for moodle

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2012092404

SB2012092404 - Fedora EPEL 5 update for moodle

Published: September 24, 2012 Updated: April 24, 2025

Security Bulletin ID SB2012092404
Severity
Medium
Patch available
YES
Number of vulnerabilities 14
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Medium 7% Low 93%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 14 secuirty vulnerabilities.


1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2012-3387)

The vulnerability allows a remote #AU# to manipulate data.

Moodle 2.3.x before 2.3.1 uses only a client-side check for whether references are permitted in a file upload, which allows remote authenticated users to bypass intended alias (aka shortcut) restrictions via a client that omits this check.


2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2012-3388)

The vulnerability allows a remote #AU# to manipulate data.

The is_enrolled function in lib/accesslib.php in Moodle 2.2.x before 2.2.4 and 2.3.x before 2.3.1 does not properly interact with the caching feature, which might allow remote authenticated users to bypass an intended capability check via unspecified vectors that trigger caching of a user record.


3) Cross-site scripting (CVE-ID: CVE-2012-3389)

Vulnerability allows a remote attacker to perform XSS attacks.

The vulnerability is caused by an input validation error in mod/lti/typessettings.php in Moodle 2.2.x before 2.2.4 and 2.3.x before 2.3.1 when processing the (1) lti_typename or (2) lti_toolurl parameter. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


4) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2012-3390)

The vulnerability allows a remote #AU# to gain access to sensitive information.

lib/filelib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 does not properly restrict file access after a block has been hidden, which allows remote authenticated users to obtain sensitive information by reading a file that is embedded in a block.


5) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2012-3391)

The vulnerability allows a remote #AU# to gain access to sensitive information.

mod/forum/rsslib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 does not properly implement the requirement for posting before reading a Q&A forum, which allows remote authenticated users to bypass intended access restrictions by leveraging the student role and reading the RSS feed for a forum.


6) Configuration (CVE-ID: CVE-2012-3392)

The vulnerability allows a remote #AU# to manipulate or delete data.

mod/forum/unsubscribeall.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 does not consider whether a forum is optional, which allows remote authenticated users to bypass forum-subscription requirements by leveraging the student role and unsubscribing from all forums.


7) Cross-site scripting (CVE-ID: CVE-2012-3393)

Vulnerability allows a remote attacker to perform XSS attacks.

The vulnerability is caused by an input validation error in repository/lib.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


8) Information disclosure (CVE-ID: CVE-2012-3394)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

auth/ldap/ntlmsso_attempt.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2.4, and 2.3.x before 2.3.1 redirects users from an https LDAP login URL to an http URL, which allows remote attackers to obtain sensitive information by sniffing the network.


9) SQL injection (CVE-ID: CVE-2012-3395)

The vulnerability allows a remote user to execute arbitrary SQL queries in database.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote privileged user can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.

Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.


10) Cross-site scripting (CVE-ID: CVE-2012-3396)

Vulnerability allows a remote attacker to perform Cross-site scripting attacks.

An input validation error exists in cohort/edit_form.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2.4, and 2.3.x before 2.3.1. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


11) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2012-3397)

The vulnerability allows a remote #AU# to manipulate data.

lib/modinfolib.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2.4, and 2.3.x before 2.3.1 does not check for a group-membership requirement when determining whether an activity is unavailable or hidden, which allows remote authenticated users to bypass intended access restrictions by selecting an activity that is configured for a group of other users.


12) Input validation error (CVE-ID: CVE-2012-3398)

The vulnerability allows a remote #AU# to perform service disruption.

Algorithmic complexity vulnerability in Moodle 1.9.x before 1.9.19, 2.0.x before 2.0.10, 2.1.x before 2.1.7, and 2.2.x before 2.2.4 allows remote authenticated users to cause a denial of service (CPU consumption) by using the advanced-search feature on a database activity that has many records. Per: http://cwe.mitre.org/data/definitions/407.html 'CWE-407: Algorithmic Complexity'


13) Information disclosure (CVE-ID: CVE-2012-2353)

The vulnerability allows a remote #AU# to gain access to sensitive information.

Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section.


14) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2012-4408)

The vulnerability allows a remote #AU# to read and manipulate data.

course/reset.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 checks an update capability instead of a reset capability, which allows remote authenticated users to bypass intended access restrictions via a reset operation.


Remediation

Install update from vendor's website.

References