Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2013-0162)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2013.0162

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2013-0162)

Resumen: The remote host is missing an update for the 'moodle' package(s) announced via the MGASA-2013-0162 advisory.

Descripción: Summary:
The remote host is missing an update for the 'moodle' package(s) announced via the MGASA-2013-0162 advisory.

Vulnerability Insight:
The assignment module in Moodle before 2.4.4 was not checking capabilities
for users downloading all assignments as a zip (CVE-2013-2079).

The Gradebook's Overview report in Moodle before 2.4.4 was showing grade
totals that may have incorrectly included hidden grades (CVE-2013-2080).

When registering a site on a hub (not Moodle.net) site in Moodle before
2.4.4, information was being sent to the hub regardless of settings chosen
(CVE-2013-2081).

There was no check of permissions for viewing comments on blog posts in
Moodle before 2.4.4 (CVE-2013-2082).

Form elements named using a specific naming scheme were not being filtered
correctly in Moodle before 2.4.4 (CVE-2013-2083).

Affected Software/OS:
'moodle' package(s) on Mageia 3.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-2079
FEDORA-2013-8668
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/107026.html
FEDORA-2013-8692
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106988.html
FEDORA-2013-8702
http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106965.html
[oss-security] 20130521 Moodle security notifications public
http://openwall.com/lists/oss-security/2013/05/21/1
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38443
https://moodle.org/mod/forum/discuss.php?d=228930
Common Vulnerability Exposure (CVE) ID: CVE-2013-2080
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37475
https://moodle.org/mod/forum/discuss.php?d=228931
Common Vulnerability Exposure (CVE) ID: CVE-2013-2081
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37822
https://moodle.org/mod/forum/discuss.php?d=228933
Common Vulnerability Exposure (CVE) ID: CVE-2013-2082
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37245
https://moodle.org/mod/forum/discuss.php?d=228934
Common Vulnerability Exposure (CVE) ID: CVE-2013-2083
http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38885
https://moodle.org/mod/forum/discuss.php?d=228935

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2013.0162
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2013-0162)
Resumen:	The remote host is missing an update for the 'moodle' package(s) announced via the MGASA-2013-0162 advisory.
Descripción:	Summary: The remote host is missing an update for the 'moodle' package(s) announced via the MGASA-2013-0162 advisory. Vulnerability Insight: The assignment module in Moodle before 2.4.4 was not checking capabilities for users downloading all assignments as a zip (CVE-2013-2079). The Gradebook's Overview report in Moodle before 2.4.4 was showing grade totals that may have incorrectly included hidden grades (CVE-2013-2080). When registering a site on a hub (not Moodle.net) site in Moodle before 2.4.4, information was being sent to the hub regardless of settings chosen (CVE-2013-2081). There was no check of permissions for viewing comments on blog posts in Moodle before 2.4.4 (CVE-2013-2082). Form elements named using a specific naming scheme were not being filtered correctly in Moodle before 2.4.4 (CVE-2013-2083). Affected Software/OS: 'moodle' package(s) on Mageia 3. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2079 FEDORA-2013-8668 http://lists.fedoraproject.org/pipermail/package-announce/2013-May/107026.html FEDORA-2013-8692 http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106988.html FEDORA-2013-8702 http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106965.html [oss-security] 20130521 Moodle security notifications public http://openwall.com/lists/oss-security/2013/05/21/1 http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38443 https://moodle.org/mod/forum/discuss.php?d=228930 Common Vulnerability Exposure (CVE) ID: CVE-2013-2080 http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37475 https://moodle.org/mod/forum/discuss.php?d=228931 Common Vulnerability Exposure (CVE) ID: CVE-2013-2081 http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37822 https://moodle.org/mod/forum/discuss.php?d=228933 Common Vulnerability Exposure (CVE) ID: CVE-2013-2082 http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37245 https://moodle.org/mod/forum/discuss.php?d=228934 Common Vulnerability Exposure (CVE) ID: CVE-2013-2083 http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-38885 https://moodle.org/mod/forum/discuss.php?d=228935
Copyright	Copyright (C) 2022 Greenbone AG