CVE-2009-4301
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
CVE
CVE-2009-4301
Status
Candidate
Description
mnet/lib.php in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7, when MNET services are enabled, does not properly check permissions, which allows remote authenticated servers to execute arbitrary MNET functions.
Severity
Medium
CVSS score
6
CVSS vector
(AV:N/AC:M/Au:S/C:P/I:P/A:P)
Phase
Assigned (16.12.2009)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4301
References
BID :
37244
CONFIRM :
http://cvs.moodle.org/moodle/mnet/lib.php?r1=1.16....
CONFIRM :
http://cvs.moodle.org/moodle/mnet/lib.php?r1=1.9.2...
CONFIRM :
http://docs.moodle.org/en/Moodle_1.8.11_release_notes
CONFIRM :
http://docs.moodle.org/en/Moodle_1.9.7_release_notes
CONFIRM :
http://moodle.org/mod/forum/discuss.php?d=139106
FEDORA :
FEDORA-2009-13040
FEDORA :
FEDORA-2009-13065
FEDORA :
FEDORA-2009-13080
SECUNIA :
37614
VUPEN :
ADV-2009-3455
SecurityVulns:
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
