SB2013032502 - Multiple vulnerabilities in Moodle

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2013032502

SB2013032502 - Multiple vulnerabilities in Moodle

Published: March 25, 2013 Updated: January 16, 2023

Security Bulletin ID SB2013032502
Severity
Medium
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Medium 14% Low 86%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.


1) Information disclosure (CVE-ID: CVE-2013-1832)

The vulnerability allows a remote #AU# to gain access to sensitive information.

repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 includes the WebDAV password in the configuration form, which allows remote authenticated administrators to obtain sensitive information by configuring an instance.


2) Cross-site scripting (CVE-ID: CVE-2013-1833)

The vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data when processing data passed via a crafted filename. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


3) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2013-1834)

The vulnerability allows a remote #AU# to manipulate data.

notes/edit.php in Moodle 1.9.x through 1.9.19, 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated users to reassign notes via a modified (1) userid or (2) courseid field.


4) Information disclosure (CVE-ID: CVE-2013-1835)

The vulnerability allows a remote #AU# to gain access to sensitive information.

Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated administrators to obtain sensitive information from the external repositories of arbitrary users by leveraging the login_as feature.


5) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2013-1836)

The vulnerability allows a remote #AU# to read and manipulate data.

Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read, modify, or delete arbitrary site-wide repositories by leveraging certain read access.


6) Information disclosure (CVE-ID: CVE-2013-1831)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

lib/setuplib.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the absolute path in an exception message.


7) Information disclosure (CVE-ID: CVE-2013-1829)

The vulnerability allows a remote #AU# to gain access to sensitive information.

calendar/managesubscriptions.php in Moodle 2.4.x before 2.4.2 does not consider capability requirements before displaying calendar subscriptions, which allows remote authenticated users to obtain potentially sensitive information by leveraging the student role.


Remediation

Install update from vendor's website.

References