← voltar
CVE-2009-4301

CVE-2009-4301

EPSS 1.4%
mnet/lib.php in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7, when MNET services are enabled, does not properly check permissions, which allows remote authenticated servers to execute arbitrary MNET functions.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://cvs.moodle.org/moodle/mnet/lib.php?r1=1.16.2.10&r2=1.16.2.11http://cvs.moodle.org/moodle/mnet/lib.php?r1=1.9.2.7&r2=1.9.2.8http://docs.moodle.org/en/Moodle_1.8.11_release_noteshttp://docs.moodle.org/en/Moodle_1.9.7_release_noteshttp://moodle.org/mod/forum/discuss.php?d=139106http://secunia.com/advisories/37614https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00704.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg00730.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg00751.htmlhttp://www.securityfocus.com/bid/37244http://www.vupen.com/english/advisories/2009/3455