Lucene search
Ubuntu.comUB:CVE-2009-4302HistoryDec 16, 2009 - 12:00 a.m.
CVE-2009-4302
2009-12-1600:00:00
ubuntu.com
ubuntu.com
9
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
68.7%
login/index_form.html in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7
links to an index page on the HTTP port even when the page is served from
an HTTPS port, which might cause login credentials to be sent in cleartext,
even when SSL is intended, and allows remote attackers to obtain these
credentials by sniffing.
Related
prion
prion
Design/Logic Flaw
2009-12-16 01:30:00
cve
cve
CVE-2009-4302
2009-12-16 01:30:00
cvelist
cvelist
CVE-2009-4302
2022-10-03 16:24:04
securityvulns
securityvulns
debian
debian
[SECURITY] [DSA 1986-1] New moodle packages fix several vulnerabilities
2010-02-02 19:16:42
openvas
openvas
Debian: Security Advisory (DSA-1986-1)
2010-02-10 00:00:00
Debian Security Advisory DSA 1986-1 (moodle)
2010-02-10 00:00:00
Fedora Core 11 FEDORA-2009-13080 (moodle)
2009-12-14 00:00:00
nessus
nessus
Debian DSA-1986-1 : moodle - several vulnerabilities
2010-02-24 00:00:00
openSUSE Security Update : moodle (moodle-1933)
2010-02-15 00:00:00
Fedora 12 : moodle-1.9.7-1.fc12 (2009-13065)
2009-12-14 00:00:00
osv
osv
moodle - several vulnerabilities
2010-02-02 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
68.7%
Related for UB:CVE-2009-4302