me: CVE-2009-0501 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0501 Assigned: 20090209 Reference: MLIST:[oss-security] 20090204 CVS request - Moodle Reference: URL: http://www.openwall.com/lists/oss-security/2009/02/04/1 Reference: CONFIRM: http://moodle.org/security/ Unspecified vulnerability in the Calendar export feature in Moodle 1.8 before 1.8.8 and 1.9 before 1.9.4 allows attackers to obtain sensitive information and conduct "brute force attacks on user accounts" via unknown vectors. Additional information from upstream (http://moodle.org/security/) MSA-09-0006: Calendar export may allow brute force attacks Versions affected: < 1.9.4, < 1.8.8, < 1.7.7 http://cvs.moodle.org/moodle/calendar/export_execute.php?r1=1.2.4.5&r2=1.2.4.6
This issue was addressed in: Fedora: https://admin.fedoraproject.org/updates/F10/FEDORA-2009-1699 https://admin.fedoraproject.org/updates/F9/FEDORA-2009-1641