Multiple vulnerabilities in Moodle
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 11 |
| CVE-ID | CVE-2011-4589 CVE-2011-4590 CVE-2011-4591 CVE-2011-4592 CVE-2011-4593 CVE-2011-4581 CVE-2011-4582 CVE-2011-4583 CVE-2011-4584 CVE-2011-4586 CVE-2011-4587 |
| CWE-ID | CWE-264 CWE-287 CWE-79 CWE-200 CWE-20 CWE-255 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Moodle Web applications / Other software |
| Vendor | moodle.org |
Security Bulletin
This security bulletin contains information about 11 vulnerabilities.
1) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU43826
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2011-4589
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to manipulate or delete data.
backup/moodle2/restore_stepslib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not check for the moodle/course:changeidnumber privilege during handling of course ID numbers, which allows remote authenticated users to overwrite ID numbers via a restore action.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.0 - 2.1.2
CPE2.3 External linkshttps://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-29591
https://moodle.org/mod/forum/discuss.php?d=191758
https://bugzilla.redhat.com/show_bug.cgi?id=761248
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper Authentication
EUVDB-ID: #VU43827
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2011-4590
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to manipulate data.
The web services implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly consider the maintenance-mode state and account attributes during login attempts, which allows remote authenticated users to bypass intended access restrictions by connecting to a webservice server.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.0 - 2.1.2
CPE2.3 External linkshttps://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-28629
https://moodle.org/mod/forum/discuss.php?d=191759
https://bugzilla.redhat.com/show_bug.cgi?id=761248
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Cross-site scripting
EUVDB-ID: #VU43828
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2011-4591
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionVulnerability allows a remote attacker to perform XSS attacks.
The vulnerability is caused by an input validation error in the print_object function in lib/datalib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3, when a developer debugging script is enabled,. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in victim's browser in security context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.0 - 2.1.2
CPE2.3 External linkshttps://git.moodle.org/gw?p=moodle.git;a=commit;h=187672608ec96659e07f2461b3b83634debd16cb
https://moodle.org/mod/forum/discuss.php?d=191760
https://bugzilla.redhat.com/show_bug.cgi?id=761248
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU43829
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2011-4592
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
The command-line cron implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly interact with IP blocking, which might allow remote attackers to bypass intended IP address restrictions by leveraging a configuration in which IP blocking was disabled to restore cron functionality.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.0 - 2.1.2
CPE2.3 External linkshttps://git.moodle.org/gw?p=moodle.git;a=commit;h=ade30ad3c420ce035a3d68287db701b70e806b3f
https://moodle.org/mod/forum/discuss.php?d=191761
https://bugzilla.redhat.com/show_bug.cgi?id=761248
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Information disclosure
EUVDB-ID: #VU43830
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2011-4593
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to gain access to sensitive information.
Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 does not properly handle user/action_redir group messages, which allows remote authenticated users to discover e-mail addresses by visiting the messaging interface.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 1.9 - 2.1.2
CPE2.3- cpe:2.3:a:moodle_org:moodle:1.9.14:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.1.2:*:*:*:*:*:*:*
https://git.moodle.org/gw?p=moodle.git;a=commit;h=e94113a859015a4a80b9397957b8fc4044e2951f
https://moodle.org/mod/forum/discuss.php?d=191762
https://bugzilla.redhat.com/show_bug.cgi?id=761248
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Information disclosure
EUVDB-ID: #VU43831
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2011-4581
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to gain access to sensitive information.
mod/wiki/pagelib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 allows remote authenticated users to discover the username of a wiki creator by visiting the history and deletion user interface.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.0 - 2.1.2
CPE2.3 External linkshttps://git.moodle.org/gw?p=moodle.git;a=commit;h=140af2a0f0a4598bf568b9ae182cb81eb583edeb
https://moodle.org/mod/forum/discuss.php?d=191747
https://bugzilla.redhat.com/show_bug.cgi?id=761248
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Input validation error
EUVDB-ID: #VU43832
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2011-4582
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to read and manipulate data.
Open redirect vulnerability in the Calendar set page in Moodle 2.1.x before 2.1.3 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a redirection URL.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.1 - 2.1.2
CPE2.3 External linkshttps://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-28720&sr=1
https://moodle.org/mod/forum/discuss.php?d=191748
https://bugzilla.redhat.com/show_bug.cgi?id=761248
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU43833
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2011-4583
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to read and manipulate data.
Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 displays web service tokens associated with (1) disabled services and (2) users who no longer have authorization, which allows remote authenticated users to have an unspecified impact by reading these tokens.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 2.0 - 2.1.2
CPE2.3 External linkshttps://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-28670&sr=1
https://moodle.org/mod/forum/discuss.php?d=191750
https://bugzilla.redhat.com/show_bug.cgi?id=761248
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU43834
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2011-4584
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote #AU# to manipulate data.
The MNET authentication functionality in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote authenticated users to impersonate other user accounts by using the Login As feature in conjunction with a remote MNET single sign-on capability, as demonstrated by a Mahara site.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 1.9 - 2.1.2
CPE2.3- cpe:2.3:a:moodle_org:moodle:1.9.14:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.1.2:*:*:*:*:*:*:*
https://git.moodle.org/gw?p=moodle.git;a=commit;h=10df8657c1c138c0d0ab1d4796c552fcec0c299b
https://moodle.org/mod/forum/discuss.php?d=191751
https://www.debian.org/security/2012/dsa-2421
https://bugzilla.redhat.com/show_bug.cgi?id=761248
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Input validation error
EUVDB-ID: #VU43836
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2011-4586
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
CRLF injection vulnerability in calendar/set.php in the Calendar subsystem in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 1.9 - 2.1.2
CPE2.3- cpe:2.3:a:moodle_org:moodle:1.9.14:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.1.2:*:*:*:*:*:*:*
https://git.moodle.org/gw?p=moodle.git;a=commit;h=581e8dba387f090d89382115fd850d8b44351526
https://moodle.org/mod/forum/discuss.php?d=191754
https://www.debian.org/security/2012/dsa-2421
https://bugzilla.redhat.com/show_bug.cgi?id=761248
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Credentials management
EUVDB-ID: #VU43837
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2011-4587
CWE-ID:
CWE-255 - Credentials Management
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
lib/moodlelib.php in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 does not properly handle certain zero values in the password policy, which makes it easier for remote attackers to obtain access by leveraging the possible existence of user accounts that have unchangeable blank passwords.
MitigationInstall update from vendor's website.
Vulnerable software versionsMoodle: 1.9 - 2.1.2
CPE2.3- cpe:2.3:a:moodle_org:moodle:1.9.14:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle_org:moodle:2.1.2:*:*:*:*:*:*:*
https://git.moodle.org/gw?p=moodle.git;a=commit;h=e079e82c087becf06d902089d14f3f76686bde19
https://moodle.org/mod/forum/discuss.php?d=191755
https://www.debian.org/security/2012/dsa-2421
https://bugzilla.redhat.com/show_bug.cgi?id=761248
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
