SB2012071701 - Multiple vulnerabilities in Moodle




Published: July 17, 2012 Updated: August 11, 2020

Security Bulletin ID: SB2012071701
Severity: Medium
Patch available: YES
Number of vulnerabilities: 8
Exploitation vector: Remote access
Highest impact: Data manipulation

Breakdown by Severity

Medium: 38%, Low: 63%

Description

This security bulletin contains information about 8 security vulnerabilities.


1) Input validation error (CVE-ID: CVE-2012-0795)

The vulnerability allows a remote authenticated user to read and manipulate data.

Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 does not validate e-mail address settings, which allows remote authenticated users to have an unspecified impact via a crafted address.


2) Code Injection (CVE-ID: CVE-2012-0796)

The vulnerability allows a remote authenticated user to manipulate data.

class.phpmailer.php in the PHPMailer library, as used in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 and other products, allows remote authenticated users to inject arbitrary e-mail headers via vectors involving a crafted (1) From: or (2) Sender: header.
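
An added example, not code from Moodle, PHPMailer or this bulletin: one way to validate an address before it is placed in a From: or Sender: header, so that a value carrying line breaks cannot begin a new header. The function name safe_header_address and the sample inputs are assumptions constructed for illustration.

```php
<?php
// Added example: defensive check for a value destined for a From: or Sender:
// header. safe_header_address() is a hypothetical helper, not a Moodle or
// PHPMailer API.

/**
 * Return the address unchanged if it is safe to use in a mail header,
 * or null if it must be refused.
 */
function safe_header_address(string $addr): ?string
{
    // Refuse every control character, not only the CR LF pair: a bare "\r"
    // or "\n" already ends the header line, and whatever follows it would be
    // read by the mail system as an additional header.
    if (preg_match('/[\x00-\x1F\x7F]/', $addr)) {
        return null;
    }
    // Refuse oversized values before running the syntax check.
    if (strlen($addr) > 254) {
        return null;
    }
    // Syntax check: the value must be a single address and nothing else.
    if (filter_var($addr, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    return $addr;
}

// Constructed sample inputs (not taken from the bulletin).
$samples = [
    'teacher@example.org',                          // plain address
    "teacher@example.org\r\nBcc: list@example.net", // CR LF followed by a header
    "teacher@example.org\nX-Extra: 1",              // bare LF followed by a header
    'teacher@example.org, other@example.net',       // two addresses in one value
    'not-an-address',                               // fails the syntax check
];

foreach ($samples as $s) {
    $verdict = safe_header_address($s) === null ? 'REJECT' : 'ACCEPT';
    // json_encode makes the control characters visible in the output.
    printf("%-7s %s\n", $verdict, json_encode($s));
}
```

Only the first sample is accepted; the check refuses the value outright rather than stripping characters from it, so a rejected input never reaches the header in altered form.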


3) Configuration (CVE-ID: CVE-2012-0797)

The vulnerability allows a remote authenticated user to read and manipulate data.

The webservices functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote authenticated users to bypass the deleted status and continue using a server via a token.


4) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2012-0798)

The vulnerability allows a remote authenticated user to read and manipulate data.

The self-enrolment functionality in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 allows remote authenticated users to obtain the manager role by leveraging the teacher role.


5) Information disclosure (CVE-ID: CVE-2012-0800)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The form-autocompletion functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 makes it easier for physically proximate attackers to discover passwords by reading the contents of a non-password field, as demonstrated by accessing a create-groups page with Safari on an iPad device.


6) Input validation error (CVE-ID: CVE-2012-0801)

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

lib/formslib.php in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 does not properly handle multiple instances of a form element, which has unspecified impact and remote attack vectors.


7) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2012-0793)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote attackers to view the profile images of arbitrary user accounts via unspecified vectors.


8) Credentials management (CVE-ID: CVE-2012-0794)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The rc4encrypt function in lib/moodlelib.php in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 uses a hardcoded password of nfgjeingjk, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by reading this script's source code within the open-source software distribution.


Remediation

Install the update from the vendor's website.