← volver
CVE-2014-0008

CVE-2014-0008

EPSS 1.8%
lib/adminlib.php in Moodle through 2.3.11, 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 logs cleartext passwords, which allows remote authenticated administrators to obtain sensitive information by reading the Config Changes Report.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36721http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127510.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2014-January/127533.htmlhttp://openwall.com/lists/oss-security/2014/01/20/1https://moodle.org/mod/forum/discuss.php?d=252414http://www.securitytracker.com/id/1029647