Bug 747444 (CVE-2011-4300, CVE-2011-4301, CVE-2011-4302, CVE-2011-4303, CVE-2011-4304, CVE-2011-4305, CVE-2011-4306, CVE-2011-4307, CVE-2011-4308, CVE-2011-4309) - moodle: Multiple security fixes in 2.1.2, 2.0.5, and 1.9.14
Summary: moodle: Multiple security fixes in 2.1.2, 2.0.5, and 1.9.14
Status: CLOSED ERRATA
Alias: CVE-2011-4300, CVE-2011-4301, CVE-2011-4302, CVE-2011-4303, CVE-2011-4304, CVE-2011-4305, CVE-2011-4306, CVE-2011-4307, CVE-2011-4308, CVE-2011-4309
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
Depends On: 747445 747446
Reported: 2011-10-19 20:13 UTC by Vincent Danen
Modified: 2019-09-29 12:48 UTC

Doc Type: Bug Fix
Last Closed: 2011-11-18 19:51:25 UTC



Description Vincent Danen 2011-10-19 20:13:05 UTC
A number of flaws have been fixed in new upstream Moodle 2.1.2, 2.0.5, and 1.9.14.  These do not have CVEs assigned (request pending), and since Fedora/EPEL will rebase to the latest versions of each branch, I'm summarizing them all here rather than creating 16 separate bugs:


MSA-11-0041: Global search authentication issue
Affects: 2.1.x 2.0.x
Fix: http://git.moodle.org/gw?p=moodle.git;a=commit;h=5eb1cec34f013fdcb559b66bc401f2845ce0bbb7
Reference: http://moodle.org/mod/forum/discuss.php?d=188323

MSA-11-0040: Potential personal information leak
Affects: 2.1.x, 2.0.x, 1.9.x
Fix: http://git.moodle.org/gw?p=moodle.git&a=search&s=MDL-28615
Reference: http://moodle.org/mod/forum/discuss.php?d=188322

MSA-11-0039: Wiki section vulnerability
Affects: 2.1.x, 2.0.x
Fix: http://git.moodle.org/gw?p=moodle.git;a=commit;h=41017112cff7f5bd7969c72d321320f3090e7c68
Reference: http://moodle.org/mod/forum/discuss.php?d=188321

MSA-11-0038: Database injection protection strengthened
Affects: 1.9.x
Fix: http://git.moodle.org/gw?p=moodle.git;a=commit;h=4a2acd8c7e6c869d5fd5aa686e6e0a3f20c97f15
Reference: http://moodle.org/mod/forum/discuss.php?d=188320

MSA-11-0037: Course section editing injection vulnerability
Affects: 1.9.x
Fix: http://git.moodle.org/gw?p=moodle.git;a=commit;h=4a2acd8c7e6c869d5fd5aa686e6e0a3f20c97f15
Reference: http://moodle.org/mod/forum/discuss.php?d=188319

MSA-11-0036: Messaging refresh vulnerability
Affects: 1.9.x
Fix: http://git.moodle.org/gw?p=moodle.git;a=commit;h=97f258fabb3ebfa7acc7c02cb59de92b01710f99
Reference: http://moodle.org/mod/forum/discuss.php?d=188318

MSA-11-0035: Cookie-less session vulnerability
Affects: 2.1.x, 2.0.x, (1.9.x if misconfigured)
Fix: http://git.moodle.org/gw?p=moodle.git;a=commit;h=e1e082a809b9a2d3a408cb4d6faa34fdfcf3165c
Reference: http://moodle.org/mod/forum/discuss.php?d=188317

MSA-11-0034: Chat module information leak
Affects: 2.1.x, 2.0.x
Fix: http://git.moodle.org/gw?p=moodle.git;a=commit;h=d0157d827bc254ba386a5e5b41b13be2698ee76e
Reference: http://moodle.org/mod/forum/discuss.php?d=188316

MSA-11-0033: Site-hub registration identity issue
Affects: 2.1.x, 2.0.x
Fix: http://git.moodle.org/gw?p=moodle.git;a=commit;h=ca896fdfcfcc87846fa91a297d0aa6999a68c48a
Reference: http://moodle.org/mod/forum/discuss.php?d=188315

MSA-11-0032: MNET SSL validation issue
Affects: 2.1.x, 2.0.x, 1.9.x
Fix: http://git.moodle.org/gw?p=moodle.git;a=commit;h=54941685e3e86ec085641dcb7ebb1f96f06735b2
Reference: http://moodle.org/mod/forum/discuss.php?d=188314

MSA-11-0031: Forms API constant issue
Affects: 2.1.x, 2.0.x, 1.9.x
Fix: http://git.moodle.org/gw?p=moodle.git;a=commit;h=f1f70bd4dde6cd1ea4bdb8ab28fa3d36a53b89d8
Reference: http://moodle.org/mod/forum/discuss.php?d=188313

MSA-11-0030: Box.net repository integration authentication issue
Affects: 2.1.x, 2.0.x
Fix: http://git.moodle.org/gw?p=moodle.git;a=commit;h=3deff6c9d2bb4ab3144b3ca7b93d6a2ef6a87af2
Reference: http://moodle.org/mod/forum/discuss.php?d=188312

MSA-11-0029: File visibility issue
Affects: 2.1.x, 2.0.x
Fix: http://git.moodle.org/gw?p=moodle.git;a=commit;h=f6b07c4da54a9db24723beb147e8a19a3d487e00
Reference: http://moodle.org/mod/forum/discuss.php?d=188311

MSA-11-0028: Wiki comments XSS issue
Affects: 2.1.x, 2.0.x
Fix: http://git.moodle.org/gw?p=moodle.git;a=commit;h=a459fd90625ae44d7b3ac10b65da2dc631a418e7
Reference: http://moodle.org/mod/forum/discuss.php?d=188310

MSA-11-0027: Wiki pages reference forgery issue
Affects: 2.1.x, 2.0.x
Fix: http://git.moodle.org/gw?p=moodle.git;a=commit;h=48346fb11f8ced06a05c0618b02a3a925b34ec59
Reference: http://moodle.org/mod/forum/discuss.php?d=188309

MSA-11-0026: Fields in user upload CSV not being escaped
Affects: 1.9.x
Reference: http://moodle.org/mod/forum/discuss.php?d=182743

Comment 1 Vincent Danen 2011-11-18 19:49:44 UTC
CVE assignments (http://seclists.org/oss-sec/2011/q4/296):

MSA-11-0026: NO CVE Fields in user upload CSV not being escaped (need to be admin)

MSA-11-0027: CVE-2011-4298 Wiki pages reference forgery issue

MSA-11-0028: CVE-2011-4299 Wiki comments cross site scripting issue

MSA-11-0029: CVE-2011-4300 File visibility issue

MSA-11-0030: NO CVE Box.net repository integration authentication issue (hardening)

MSA-11-0031: CVE-2011-4301 Forms API constant issue

MSA-11-0032: CVE-2011-4302 MNET SSL validation issue

MSA-11-0033: CVE-2011-4303 Site-hub registration identity issue

MSA-11-0034: CVE-2011-4304 Chat module information leak

MSA-11-0035: NO CVE Cookie-less session vulnerability (hardening)

MSA-11-0036: CVE-2011-4305 Messaging refresh vulnerability

MSA-11-0037: CVE-2011-4306 Course section editing injection vulnerability

MSA-11-0038: NO CVE Database injection protection strengthened (hardening)

MSA-11-0039: CVE-2011-4307 Wiki section vulnerability

MSA-11-0040: CVE-2011-4308 Potential personal information leak

MSA-11-0041: CVE-2011-4309 Global search authentication issue

Comment 2 Vincent Danen 2011-11-18 19:51:25 UTC
Current Fedora 14/15 have 1.9.14.  Current Fedora 16 has 2.0.5.  Current rawhide and EPEL6 have 2.1.2.

