Svi
Pretraži prema proizvođaču
Pretraži prema CWE oznaci
O usluzi
Pretplate
Jezik
hr
en
CVE-2009-4301 - CERT CVE
CVE-2009-4301
ID
CVE-2009-4301
Sažetak
mnet/lib.php in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7, when MNET services are enabled, does not properly check permissions, which allows remote authenticated servers to execute arbitrary MNET functions.
Reference
http://cvs.moodle.org/moodle/mnet/lib.php?r1=1.16.2.10&r2=1.16.2.11
http://cvs.moodle.org/moodle/mnet/lib.php?r1=1.9.2.7&r2=1.9.2.8
http://docs.moodle.org/en/Moodle_1.8.11_release_notes
http://docs.moodle.org/en/Moodle_1.9.7_release_notes
http://moodle.org/mod/forum/discuss.php?d=139106
http://secunia.com/advisories/37614
http://www.securityfocus.com/bid/37244
http://www.vupen.com/english/advisories/2009/3455
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00704.html
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00730.html
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00751.html
CVSS
Base:
6.0
Impact:
6.4
Exploitability:
6.8
Pristup
Vektor
Složenost
Autentikacija
NETWORK
MEDIUM
SINGLE
Impact
Povjerljivost
Cjelovitost
Dostupnost
PARTIAL
PARTIAL
PARTIAL
CVSS vektor
AV:N/AC:M/Au:S/C:P/I:P/A:P
Zadnje važnije ažuriranje
01-12-2020 - 14:43
Objavljeno
16-12-2009 - 01:30
