Latest upstreams, multiple security fixes.
Name: CVE-2013-6780 URL:
https://vulners.com/cve/CVE-2013-6780 Assigned:
20131112 Reference:
https://yuilibrary.com/support/20131111-vulnerability/
Cross-site scripting (XSS) vulnerability in uploader.swf in the Uploader component in Yahoo! YUI 2.5.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via the allowedDomain parameter.
Name: CVE-2013-3630 URL:
https://vulners.com/cve/CVE-2013-3630 [Open’>https://vulners.com/cve/CVE-2013-3630’>Op en URL] Assigned: 20130521 Reference:
https://community.rapid7.com/community/metasploit/blog/2013/10/30/seve n-foss-disclosures-part-one [Open’>https://community.rapid7.com/community/metasploit/blog/2013/10/ 30/seven-foss-disclosures-part-one’>Open URL] Reference:
https://community.rapid7.com/community/metasploit/blog/2013/10/30/seve n-tricks-and-treats [Open’>https://community.rapid7.com/community/metasploit/blog/2013/10/ 30/seven-tricks-and-treats’>Open URL]
Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor.
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2013-21312.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(71063);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2013-3630", "CVE-2013-6780");
script_xref(name:"FEDORA", value:"2013-21312");
script_name(english:"Fedora 20 : moodle-2.5.3-1.fc20 (2013-21312)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"Latest upstreams, multiple security fixes.
Name: CVE-2013-6780 URL:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6780 Assigned:
20131112 Reference:
https://yuilibrary.com/support/20131111-vulnerability/
Cross-site scripting (XSS) vulnerability in uploader.swf in the
Uploader component in Yahoo! YUI 2.5.0 through 2.9.0 allows remote
attackers to inject arbitrary web script or HTML via the allowedDomain
parameter.
Name: CVE-2013-3630 URL:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3630
[Open'>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3630'>Op
en URL] Assigned: 20130521 Reference:
https://community.rapid7.com/community/metasploit/blog/2013/10/30/seve
n-foss-disclosures-part-one
[Open'>https://community.rapid7.com/community/metasploit/blog/2013/10/
30/seven-foss-disclosures-part-one'>Open URL] Reference:
https://community.rapid7.com/community/metasploit/blog/2013/10/30/seve
n-tricks-and-treats
[Open'>https://community.rapid7.com/community/metasploit/blog/2013/10/
30/seven-tricks-and-treats'>Open URL]
Moodle through 2.5.2 allows remote authenticated administrators to
execute arbitrary programs by configuring the aspell pathname and then
triggering a spell-check operation within the TinyMCE editor.
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1025655"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1025656"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1030084"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1030085"
);
# https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-foss-disclosures-part-one
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?525142bc"
);
# https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?c21b826a"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2013-November/122440.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?d830f1df"
);
script_set_attribute(
attribute:"see_also",
value:"https://yuilibrary.com/support/20131111-vulnerability/"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected moodle package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:S/C:P/I:P/A:P");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Moodle Remote Command Execution');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:moodle");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:20");
script_set_attribute(attribute:"patch_publication_date", value:"2013/11/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/11/25");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^20([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 20.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC20", reference:"moodle-2.5.3-1.fc20")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "moodle");
}
Vendor | Product | Version | CPE |
---|---|---|---|
fedoraproject | fedora | moodle | p-cpe:/a:fedoraproject:fedora:moodle |
fedoraproject | fedora | 20 | cpe:/o:fedoraproject:fedora:20 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3630
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6780
www.nessus.org/u?525142bc
www.nessus.org/u?c21b826a
www.nessus.org/u?d830f1df
bugzilla.redhat.com/show_bug.cgi?id=1025655
bugzilla.redhat.com/show_bug.cgi?id=1025656
bugzilla.redhat.com/show_bug.cgi?id=1030084
bugzilla.redhat.com/show_bug.cgi?id=1030085
yuilibrary.com/support/20131111-vulnerability/