Bug 1186782 (CVE-2015-1493) - CVE-2015-1493 moodle: Directory Traversal Attack possible through some files serving JS (MSA-15-0009)
Summary: CVE-2015-1493 moodle: Directory Traversal Attack possible through some files ...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2015-1493
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1190119
Blocks: 1186783
Reported: 2015-01-28 14:25 UTC by Vasyl Kaigorodov
Modified: 2021-02-17 05:42 UTC (History)

Fixed In Version: Moodle 2.8.3, 2.7.5 and 2.6.8
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-08-22 15:37:19 UTC
Embargoed:



Description Vasyl Kaigorodov 2015-01-28 14:25:31 UTC
Upstream reports:

The "file" parameter passed to scripts serving JS was not always cleaned of "../" in the path, allowing files located outside of the Moodle directory to be read. All OSes are affected, but Windows servers are especially vulnerable.
Reported by:       Emiel Florijn
Issue no.:         MDL-48980
Workaround:        Prevent access to URLs containing "../" or "..\" in web server configuration
Changes (master):  http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48980

Comment 1 Vasyl Kaigorodov 2015-02-06 11:46:31 UTC
Created moodle tracking bugs for this issue:

Affects: fedora-all [bug 1190119]

Comment 2 Kurt Seifried 2015-02-13 21:56:00 UTC
Upstream reference: https://moodle.org/mod/forum/discuss.php?d=279956

Comment 3 Kurt Seifried 2015-07-16 01:21:49 UTC
Mitigation:

Prevent access to URLs containing "../" or "..\" in web server configuration
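The description above says the "file" parameter was not always cleaned of "../", and the mitigation blocks "../" and "..\" at the web server. The following is an added illustration (not Moodle's own fix and not part of this bug report) of the kind of input check a JS-serving script needs, written so that a Windows-style "..\" and a percent-encoded "%2e%2e%2f" are refused just like a plain "../"; the function name and the sample inputs are my own.

```python
import posixpath
from urllib.parse import unquote


def safe_js_path(file_param):
    """Validate a user-controlled "file" parameter of a JS-serving script.

    Returns a clean relative path (forward slashes, no "." or ".." parts)
    that the caller joins onto its fixed base directory, or None when the
    request must be refused. This is an illustrative check, not the
    upstream MDL-48980 patch.
    """
    # Decode percent-encoding once, so "%2e%2e%2f" is seen as "../".
    decoded = unquote(file_param)
    # A NUL byte would truncate the path in C-based runtimes: refuse it.
    if "\x00" in decoded:
        return None
    # Refuse drive letters and scheme-like prefixes ("C:\...", "file:...").
    if ":" in decoded:
        return None
    # Windows honours "\" as a separator, so fold it into "/" before checking.
    decoded = decoded.replace("\\", "/")
    # Any ".." component can escape the base directory; refuse it outright,
    # which is what the web-server workaround in this report does.
    if ".." in decoded.split("/"):
        return None
    # Collapse "./" and duplicate slashes, then drop any leading "/" so the
    # result can only be joined *under* the base directory.
    clean = posixpath.normpath(decoded).lstrip("/")
    # An empty or "." result names the base directory itself: nothing to serve.
    if clean in ("", "."):
        return None
    return clean
```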
