Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title New moodle packages fix several vulnerabilities
Informations
Name DSA-1691 First vendor Publication 2008-12-22
Vendor Debian Last vendor Modification 2008-12-22
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Several remote vulnerabilities have been discovered in Moodle, an online course management system. The following issues are addressed in this update, ranging from cross site scripting to remote code execution.

Various cross site scripting issues in the Moodle codebase (CVE-2008-3326, CVE-2008-3325, CVE-2007-3555, CVE-2008-5432, MSA-08-0021, MDL-8849, MDL-12793, MDL-11414, MDL-14806, MDL-10276).

Various cross site request forgery issues in the Moodle codebase (CVE-2008-3325, MSA-08-0023).

Privilege escalation bugs in the Moodle codebase (MSA-08-0001, MDL-7755).

SQL injection issue in the hotpot module (MSA-08-0010).

An embedded copy of Smarty had several vulnerabilities (CVE-2008-4811, CVE-2008-4810). An embedded copy of Snoopy was vulnerable to cross site scripting (CVE-2008-4796). An embedded copy of Kses was vulnerable to cross site scripting (CVE-2008-1502).

For the stable distribution (etch), these problems have been fixed in version 1.6.3-2+etch1.

For the unstable distribution (sid), these problems have been fixed in version 1.8.2.dfsg-2.

We recommend that you upgrade your moodle (1.6.3-2+etch1) package.

Original Source

Url : http://www.debian.org/security/2008/dsa-1691

CAPEC : Common Attack Pattern Enumeration & Classification

Id Name
CAPEC-6 Argument Injection
CAPEC-15 Command Delimiters
CAPEC-43 Exploiting Multiple Input Interpretation Layers
CAPEC-88 OS Command Injection
CAPEC-108 Command Line Execution through SQL Injection

CWE : Common Weakness Enumeration

% Id Name
33 % CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)
22 % CWE-264 Permissions, Privileges, and Access Controls
11 % CWE-352 Cross-Site Request Forgery (CSRF) (CWE/SANS Top 25)
11 % CWE-94 Failure to Control Generation of Code ('Code Injection')
11 % CWE-89 Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection') (CWE/SANS Top 25)
11 % CWE-78 Improper Sanitization of Special Elements used in an OS Command ('OS Command Injection') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:17657
 
Oval ID: oval:org.mitre.oval:def:17657
Title: USN-658-1 -- moodle vulnerability
Description: Lukasz Pilorz discovered that the HTML filtering used in Moodle was not strict enough.
Family: unix Class: patch
Reference(s): USN-658-1
CVE-2008-1502
Version: 7
Platform(s): Ubuntu 7.10
Ubuntu 8.04
Product(s): moodle
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20060
 
Oval ID: oval:org.mitre.oval:def:20060
Title: DSA-1691-1 moodle - several vulnerabilities
Description: Several remote vulnerabilities have been discovered in Moodle, an online course management system. The following issues are addressed in this update, ranging from cross site scripting to remote code execution.
Family: unix Class: patch
Reference(s): DSA-1691-1
CVE-2007-3555
CVE-2008-1502
CVE-2008-3325
CVE-2008-3326
CVE-2008-4796
CVE-2008-4810
CVE-2008-4811
CVE-2008-5432
Version: 5
Platform(s): Debian GNU/Linux 4.0
Product(s): moodle
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7939
 
Oval ID: oval:org.mitre.oval:def:7939
Title: DSA-1691 moodle -- several vulnerabilities
Description: Several remote vulnerabilities have been discovered in Moodle, an online course management system. The following issues are addressed in this update, ranging from cross site scripting to remote code execution. Various cross site scripting issues in the Moodle codebase (CVE-2008-3326, CVE-2008-3325, CVE-2007-3555, CVE-2008-5432, MSA-08-0021, MDL-8849, MDL-12793, MDL-11414, MDL-14806, MDL-10276). Various cross site request forgery issues in the Moodle codebase (CVE-2008-3325, MSA-08-0023). Privilege escalation bugs in the Moodle codebase (MSA-08-0001, MDL-7755). SQL injection issue in the hotpot module (MSA-08-0010). An embedded copy of Smarty had several vulnerabilities (CVE-2008-4811, CVE-2008-4810). An embedded copy of Snoopy was vulnerable to cross site scripting (CVE-2008-4796). An embedded copy of Kses was vulnerable to cross site scripting (CVE-2008-1502).
Family: unix Class: patch
Reference(s): DSA-1691
CVE-2007-3555
CVE-2008-1502
CVE-2008-3325
CVE-2008-3326
CVE-2008-4796
CVE-2008-4810
CVE-2008-4811
CVE-2008-5432
Version: 3
Platform(s): Debian GNU/Linux 4.0
Product(s): moodle
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 9
Application 54
Application 84
Application 58
Application 168
Os 2

OpenVAS Exploits

Date Description
2011-03-09 Name : Gentoo Security Advisory GLSA 201006-13 (smarty)
File : nvt/glsa_201006_13.nasl
2010-08-21 Name : Debian Security Advisory DSA 1919-2 (smarty)
File : nvt/deb_1919_2.nasl
2009-12-14 Name : Fedora Core 10 FEDORA-2009-13040 (moodle)
File : nvt/fcore_2009_13040.nasl
2009-10-27 Name : Debian Security Advisory DSA 1919-1 (smarty)
File : nvt/deb_1919_1.nasl
2009-10-19 Name : Mandrake Security Advisory MDVSA-2009:265 (egroupware)
File : nvt/mdksa_2009_265.nasl
2009-09-02 Name : Debian Security Advisory DSA 1871-1 (wordpress)
File : nvt/deb_1871_1.nasl
2009-09-02 Name : Debian Security Advisory DSA 1871-2 (wordpress)
File : nvt/deb_1871_2.nasl
2009-06-30 Name : Ubuntu USN-791-1 (moodle)
File : nvt/ubuntu_791_1.nasl
2009-06-05 Name : Ubuntu USN-723-1 (git-core)
File : nvt/ubuntu_723_1.nasl
2009-06-05 Name : Ubuntu USN-698-1 (nagios)
File : nvt/ubuntu_698_1.nasl
2009-04-06 Name : Fedora Core 10 FEDORA-2009-3280 (moodle)
File : nvt/fcore_2009_3280.nasl
2009-04-06 Name : Fedora Core 9 FEDORA-2009-3283 (moodle)
File : nvt/fcore_2009_3283.nasl
2009-03-23 Name : Ubuntu Update for moodle vulnerability USN-658-1
File : nvt/gb_ubuntu_USN_658_1.nasl
2009-03-02 Name : Mandrake Security Advisory MDVSA-2009:052 (php-smarty)
File : nvt/mdksa_2009_052.nasl
2009-02-18 Name : Fedora Core 10 FEDORA-2009-1699 (moodle)
File : nvt/fcore_2009_1699.nasl
2009-02-17 Name : Fedora Update for moodle FEDORA-2008-9502
File : nvt/gb_fedora_2008_9502_moodle_fc8.nasl
2009-02-17 Name : Fedora Update for moodle FEDORA-2008-9903
File : nvt/gb_fedora_2008_9903_moodle_fc10.nasl
2009-02-17 Name : Fedora Update for moodle FEDORA-2008-9508
File : nvt/gb_fedora_2008_9508_moodle_fc9.nasl
2009-02-17 Name : Fedora Update for php-Smarty FEDORA-2008-9420
File : nvt/gb_fedora_2008_9420_php-Smarty_fc9.nasl
2009-02-17 Name : Fedora Update for php-Smarty FEDORA-2008-9401
File : nvt/gb_fedora_2008_9401_php-Smarty_fc8.nasl
2009-02-17 Name : Fedora Update for wordpress FEDORA-2008-9304
File : nvt/gb_fedora_2008_9304_wordpress_fc8.nasl
2009-02-17 Name : Fedora Update for wordpress FEDORA-2008-9257
File : nvt/gb_fedora_2008_9257_wordpress_fc9.nasl
2009-02-17 Name : Fedora Update for moodle FEDORA-2008-6226
File : nvt/gb_fedora_2008_6226_moodle_fc8.nasl
2009-02-16 Name : Fedora Update for php-Smarty FEDORA-2008-10409
File : nvt/gb_fedora_2008_10409_php-Smarty_fc10.nasl
2009-02-13 Name : Fedora Core 9 FEDORA-2009-1641 (moodle)
File : nvt/fcore_2009_1641.nasl
2009-02-13 Name : Fedora Update for moodle FEDORA-2008-11577
File : nvt/gb_fedora_2008_11577_moodle_fc9.nasl
2009-02-13 Name : Fedora Update for moodle FEDORA-2008-11550
File : nvt/gb_fedora_2008_11550_moodle_fc10.nasl
2009-02-02 Name : SuSE Security Summary SUSE-SR:2009:003
File : nvt/suse_sr_2009_003.nasl
2009-01-26 Name : Fedora Core 10 FEDORA-2009-0819 (moodle)
File : nvt/fcore_2009_0819.nasl
2009-01-26 Name : Fedora Core 9 FEDORA-2009-0814 (moodle)
File : nvt/fcore_2009_0814.nasl
2008-12-29 Name : Ubuntu USN-698-2 (nagios3)
File : nvt/ubuntu_698_2.nasl
2008-12-29 Name : Ubuntu USN-699-1 (blender)
File : nvt/ubuntu_699_1.nasl
2008-12-29 Name : Debian Security Advisory DSA 1691-1 (moodle)
File : nvt/deb_1691_1.nasl
2008-11-01 Name : FreeBSD Ports: wordpress, de-wordpress, wordpress-mu
File : nvt/freebsd_wordpress8.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200805-04 (egroupware)
File : nvt/glsa_200805_04.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
52467 HotPot Module for Moodle report.php hotpot_delete_selected_attempts Function ...

52465 Moodle User Editing Interface Unspecified Remote Privilege Escalation

50627 Moodle Wiki Page Names Unspecified XSS

49943 Smarty libs/Smarty_Compiler.class.php _expand_quoted_text() Function Arbitrar...

49261 Snoopy _httpsrequest() Function Arbitrary Shell Command Injection

47128 Moodle Edit Profile Page CSRF

47127 Moodle blog/edit.php etitle Parameter XSS

43677 KSES class.kses.inc.php _bad_protocol_once() Function HTML Filter Bypass

36366 Moodle index.php search Parameter XSS

Moodle contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'search' variables upon submission to the 'index.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Nessus® Vulnerability Scanner

Date Description
2017-10-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2017-899.nasl - Type : ACT_GATHER_INFO
2017-02-21 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201702-26.nasl - Type : ACT_GATHER_INFO
2010-06-03 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201006-13.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1871.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1919.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_moodle-090119.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_moodle-080801.nasl - Type : ACT_GATHER_INFO
2009-06-25 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-791-1.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-658-1.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Fedora host is missing a security update.
File : fedora_2008-9903.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-052.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Fedora host is missing a security update.
File : fedora_2008-10409.nasl - Type : ACT_GATHER_INFO
2009-01-22 Name : The remote openSUSE host is missing a security update.
File : suse_moodle-5938.nasl - Type : ACT_GATHER_INFO
2008-12-22 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1691.nasl - Type : ACT_GATHER_INFO
2008-11-09 Name : The remote Fedora host is missing a security update.
File : fedora_2008-9508.nasl - Type : ACT_GATHER_INFO
2008-11-09 Name : The remote Fedora host is missing a security update.
File : fedora_2008-9502.nasl - Type : ACT_GATHER_INFO
2008-11-07 Name : The remote Fedora host is missing a security update.
File : fedora_2008-9420.nasl - Type : ACT_GATHER_INFO
2008-11-07 Name : The remote Fedora host is missing a security update.
File : fedora_2008-9401.nasl - Type : ACT_GATHER_INFO
2008-11-07 Name : The remote Fedora host is missing a security update.
File : fedora_2008-9304.nasl - Type : ACT_GATHER_INFO
2008-11-07 Name : The remote Fedora host is missing a security update.
File : fedora_2008-9257.nasl - Type : ACT_GATHER_INFO
2008-10-27 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_3a4a3e9ca1fe11dd81be001c2514716c.nasl - Type : ACT_GATHER_INFO
2008-08-07 Name : The remote openSUSE host is missing a security update.
File : suse_moodle-5487.nasl - Type : ACT_GATHER_INFO
2008-08-07 Name : The remote openSUSE host is missing a security update.
File : suse_moodle-5488.nasl - Type : ACT_GATHER_INFO
2008-07-16 Name : The remote openSUSE host is missing a security update.
File : suse_moodle-5439.nasl - Type : ACT_GATHER_INFO
2008-07-10 Name : The remote Fedora host is missing a security update.
File : fedora_2008-6226.nasl - Type : ACT_GATHER_INFO
2008-05-09 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200805-04.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:28:05
  • Multiple Updates