Advisories ยป MGASA-2015-0464

Updated moodle packages fix security vulnerability

Publication date: 05 Dec 2015
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-5332 , CVE-2015-5335 , CVE-2015-5336 , CVE-2015-5337 , CVE-2015-5338 , CVE-2015-5339 , CVE-2015-5340 , CVE-2015-5341 , CVE-2015-5342

Description

In Moodle before 2.8.9, if guest access is open on the site,
unauthenticated users can store Atto draft data through the editor
autosave area, which could be exploited in a denial of service attack
(CVE-2015-5332).

In Moodle before 2.8.9, due to a CSRF issue in the site registration form,
it is possible to trick a site admin into sending aggregate stats to an
arbitrary domain. The attacker can send the admin a link to a site
registration form that will display the correct URL but, if submitted,
will register with another hub (CVE-2015-5335).

In Moodle before 2.8.9, the standard survey module is vulnerable to XSS
attack by students who fill the survey (CVE-2015-5336).

In Moodle before 2.8.9, there was a reflected XSS vulnerability in the
Flowplayer flash video player (CVE-2015-5337).

In Moodle before 2.8.9, password-protected lesson modules are subject to a
CSRF vulnerability in the lesson login form (CVE-2015-5338).

In Moodle before 2.8.9, through web service core_enrol_get_enrolled_users
it is possible to retrieve list of course participants who would not be
visible when using web site (CVE-2015-5339).

In Moodle before 2.8.9, logged in users who do not have capability 'View
available badges without earning them' can still access the full list of
badges (CVE-2015-5340).

In Moodle before 2.8.9, the SCORM module allows to bypass access
restrictions based on date and lets users view the SCORM contents
(CVE-2015-5341).

In Moodle before 2.8.9, the choice module closing date can be bypassed,
allowing users to delete or submit new responses after the choice module
was closed (CVE-2015-5342).
                

References

SRPMS

5/core