Lucene search
Veracode Vulnerability DatabaseVERACODE:4345HistoryJun 01, 2017 - 5:52 a.m.
Information Disclosure
2017-06-0105:52:23
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
EPSS
0.005
Percentile
77.0%
Moodle is vulnerable to information disclosure. Moodle redirects users from an HTTPS url to an HTTP url in auth/ldap/ntlmsso_attempt.php allowing the attackers to obtain sensitive information through sniffing the network.
References
git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=9d8d2ee6192e8b7ebb6713bd6215e06f94e2a9f7
git.moodle.org/gw?p=moodle.git;a=commit;h=9d8d2ee6192e8b7ebb6713bd6215e06f94e2a9f7
openwall.com/lists/oss-security/2012/07/17/1
secunia.com/advisories/49890
www.securityfocus.com/bid/54481
exchange.xforce.ibmcloud.com/vulnerabilities/76960
Related
cvelist
cvelist
CVE-2012-3394
2012-07-23 21:00:00
nvd
nvd
CVE-2012-3394
2012-07-23 21:55:04
prion
prion
Information disclosure
2012-07-23 21:55:00
cve
cve
CVE-2012-3394
2012-07-23 21:55:04
ubuntucve
ubuntucve
CVE-2012-3394
2012-07-23 00:00:00
nessus
nessus
Moodle 2.0.x < 2.0.10 Multiple Vulnerabilities
2016-07-21 00:00:00
Moodle 2.1.x < 2.1.7 Multiple Vulnerabilities
2016-07-21 00:00:00
Moodle 2.2.x < 2.2.4 Multiple Vulnerabilities
2016-07-21 00:00:00
openvas
openvas
Fedora Update for moodle FEDORA-2012-11028
2012-08-03 00:00:00
Fedora Update for moodle FEDORA-2012-11039
2012-08-30 00:00:00
Fedora Update for moodle FEDORA-2012-11039
2012-08-30 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: moodle-2.0.10-1.fc16
2012-08-01 22:27:44
[SECURITY] Fedora 17 Update: moodle-2.2.4-1.fc17
2012-08-01 22:28:41