Bug 393475 (CVE-2011-4581) - <www-apps/moodle-{1.9.15,2.0.6,2.1.3} Multiple Vulnerabilities (CVE-2011-{4581,4582,4583,4584,4585,4586,4587,4588,4589,4590,4591,4592,4593})
Status: RESOLVED FIXED
Alias: CVE-2011-4581
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal trivial
Assignee: Gentoo Security
Whiteboard: ~3 [noglsa]
Reported: 2011-12-07 08:30 UTC by Agostino Sarubbo
Modified: 2012-07-20 16:05 UTC (History)
Description Agostino Sarubbo gentoo-dev 2011-12-07 08:30:58 UTC
Multiple vulnerabilities for moodle:

From Secunia security advisories:
https://secunia.com/advisories/47103/
https://secunia.com/advisories/47076/
Comment 1 Agostino Sarubbo gentoo-dev 2011-12-07 08:32:06 UTC
Tony, as last time, only need a cleanup of vulnerable versions.
Comment 2 Anthony Basile gentoo-dev 2011-12-07 13:45:24 UTC
Yep, I know.  I usually wait about a week for overlap.  Week is up.
Comment 3 Agostino Sarubbo gentoo-dev 2011-12-07 14:59:13 UTC
fixed.
Comment 4 GLSAMaker/CVETool Bot gentoo-dev 2012-07-20 15:38:04 UTC
CVE-2011-4593 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4593):
  Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 does
  not properly handle user/action_redir group messages, which allows remote
  authenticated users to discover e-mail addresses by visiting the messaging
  interface.

CVE-2011-4592 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4592):
  The command-line cron implementation in Moodle 2.0.x before 2.0.6 and 2.1.x
  before 2.1.3 does not properly interact with IP blocking, which might allow
  remote attackers to bypass intended IP address restrictions by leveraging a
  configuration in which IP blocking was disabled to restore cron
  functionality.

CVE-2011-4591 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4591):
  Cross-site scripting (XSS) vulnerability in the print_object function in
  lib/datalib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3, when a
  developer debugging script is enabled, allows remote attackers to inject
  arbitrary web script or HTML via vectors involving object states.

CVE-2011-4590 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4590):
  The web services implementation in Moodle 2.0.x before 2.0.6 and 2.1.x
  before 2.1.3 does not properly consider the maintenance-mode state and
  account attributes during login attempts, which allows remote authenticated
  users to bypass intended access restrictions by connecting to a webservice
  server.

CVE-2011-4589 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4589):
  backup/moodle2/restore_stepslib.php in Moodle 2.0.x before 2.0.6 and 2.1.x
  before 2.1.3 does not check for the moodle/course:changeidnumber privilege
  during handling of course ID numbers, which allows remote authenticated
  users to overwrite ID numbers via a restore action.

CVE-2011-4588 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4588):
  The ip_in_range function in mnet/lib.php in MNET in Moodle 1.9.x before
  1.9.15 uses an incorrect data type, which allows remote attackers to bypass
  intended IP address restrictions via an XMLRPC request.

CVE-2011-4587 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4587):
  lib/moodlelib.php in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and
  2.1.x before 2.1.3 does not properly handle certain zero values in the
  password policy, which makes it easier for remote attackers to obtain access
  by leveraging the possible existence of user accounts that have unchangeable
  blank passwords.

CVE-2011-4586 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4586):
  CRLF injection vulnerability in calendar/set.php in the Calendar subsystem
  in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3
  allows remote attackers to inject arbitrary HTTP headers and conduct HTTP
  response splitting attacks via unspecified vectors.

CVE-2011-4585 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4585):
  login/change_password.php in Moodle 1.9.x before 1.9.15 does not use https
  for the change-password form even if the httpslogin option is enabled, which
  allows remote attackers to obtain credentials by sniffing the network.

CVE-2011-4584 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4584):
  The MNET authentication functionality in Moodle 1.9.x before 1.9.15, 2.0.x
  before 2.0.6, and 2.1.x before 2.1.3 allows remote authenticated users to
  impersonate other user accounts by using the Login As feature in conjunction
  with a remote MNET single sign-on capability, as demonstrated by a Mahara
  site.

CVE-2011-4583 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4583):
  Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 displays web service tokens
  associated with (1) disabled services and (2) users who no longer have
  authorization, which allows remote authenticated users to have an
  unspecified impact by reading these tokens.

CVE-2011-4582 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4582):
  Open redirect vulnerability in the Calendar set page in Moodle 2.1.x before
  2.1.3 allows remote authenticated users to redirect users to arbitrary web
  sites and conduct phishing attacks via a redirection URL.

CVE-2011-4581 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4581):
  mod/wiki/pagelib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3
  allows remote authenticated users to discover the username of a wiki creator
  by visiting the history and deletion user interface.
Comment 5 Anthony Basile gentoo-dev 2012-07-20 16:05:55 UTC
These are all taken care of.  We're on the latest from upstream.