Lucene search
Veracode Vulnerability DatabaseVERACODE:4474HistoryJun 23, 2017 - 5:05 a.m.
Privilege Escalation
2017-06-2305:05:27
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
EPSS
0.003
Percentile
69.7%
Moodle is vulnerable to privilege escalation attacks. The attacks are possible because it does not properly handle WebDav repository privileges. Therefore, any authenticated users are able to modify, read, or delete arbitrary site-wide repositories.
References
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37852
lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html
lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html
openwall.com/lists/oss-security/2013/03/25/2
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37852
moodle.org/mod/forum/discuss.php?d=225348
Related
prion
prion
Design/Logic Flaw
2013-03-25 21:55:00
osv
osv
Moodle does not properly manage privileges for WebDAV repositories
2022-05-13 01:12:58
nvd
nvd
CVE-2013-1836
2013-03-25 21:55:04
ubuntucve
ubuntucve
CVE-2013-1836
2013-03-11 00:00:00
cvelist
cvelist
CVE-2013-1836
2013-03-25 21:00:00
cve
cve
CVE-2013-1836
2013-03-25 21:55:04
github
github
Moodle does not properly manage privileges for WebDAV repositories
2022-05-13 01:12:58
nessus
nessus
Fedora 17 : moodle-2.2.9-1.fc17 (2013-4404)
2013-04-03 00:00:00
Fedora 18 : moodle-2.3.6-1.fc18 (2013-4387)
2013-04-03 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: moodle-2.3.6-1.fc18
2013-04-03 04:44:25
[SECURITY] Fedora 17 Update: moodle-2.2.9-1.fc17
2013-04-03 04:26:27
openvas
openvas
Fedora Update for moodle FEDORA-2013-4387
2013-04-05 00:00:00
Fedora Update for moodle FEDORA-2013-4404
2013-04-05 00:00:00
Fedora Update for moodle FEDORA-2013-4387
2013-04-05 00:00:00