#VU43825 Permissions, Privileges, and Access Controls in Moodle - CVE-2011-4588

Cybersecurity Help s.r.o.

Published: 2012-07-20 | Updated: 2020-08-11

Vulnerability identifier: #VU43825

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2011-4588

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Moodle
Web applications / Other software

Vendor: moodle.org

Description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The ip_in_range function in mnet/lib.php in MNET in Moodle 1.9.x before 1.9.15 uses an incorrect data type, which allows remote attackers to bypass intended IP address restrictions via an XMLRPC request.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Moodle: 1.9 - 1.9.14

External links
https://git.moodle.org/gw?p=moodle.git;a=commit;h=3ab2851d2a59721445945d0706c58092e07e861e
https://moodle.org/mod/forum/discuss.php?d=191756
https://www.debian.org/security/2012/dsa-2421
https://bugzilla.redhat.com/show_bug.cgi?id=761248

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Moodle

Fedora EPEL 6 update for moodle