Description: | It is theoretically possible to extract files anywhere on the system where the web server has write access, although this is quite difficult to exploit since the attacking user must know details about the system and already have significant permissions on the site. |
Issue summary: | Authentication in mdeploy can be bypassed |
Severity/Risk: | Serious |
Versions affected: | 2.8 to 2.8.3, 2.7 to 2.7.5, 2.6 to 2.6.8 and earlier unsupported versions |
Versions fixed: | 2.8.4, 2.7.6 and 2.6.9 |
Reported by: | Frédéric Massart |
Issue no.: | MDL-49087 |
Workaround: | Delete the file mdeploy.php or prevent access to it in the web server config |
CVE identifier: | CVE-2015-2267 |
Changes (master): | http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49087 |
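
The affected ranges and the workaround listed above can be checked on a host with a short script. This is an added example, not part of the Moodle advisory or code base. The function names, the install directory argument and the release strings passed in are assumptions, and releases newer than the listed branches are treated as not affected.

```shell
#!/bin/sh
# Added example: triage for MDL-49087 / CVE-2015-2267 (ranges from the advisory).

# is_affected RELEASE: 0 = affected, 1 = not affected, 2 = unparseable.
is_affected() {
    rel=$(printf '%s' "$1" | sed 's/[^0-9.].*$//')   # drop "+", " (Build ...)"
    case "$rel" in ""|.*|*..*|*.) return 2 ;; esac
    major=${rel%%.*}
    rest=${rel#*.};   [ "$rest" = "$rel" ] && rest=0
    minor=${rest%%.*}
    patch=${rest#*.}; [ "$patch" = "$rest" ] && patch=0
    patch=${patch%%.*}
    [ "$major" -lt 2 ] && return 0      # earlier unsupported versions
    [ "$major" -gt 2 ] && return 1      # assumption: not listed, so not affected
    case "$minor" in
        6) fixed=9 ;;                   # fixed in 2.6.9
        7) fixed=6 ;;                   # fixed in 2.7.6
        8) fixed=4 ;;                   # fixed in 2.8.4
        *) if [ "$minor" -lt 6 ]; then return 0; else return 1; fi ;;
    esac
    [ "$patch" -lt "$fixed" ]
}

# mdeploy_present DIR: 0 if a file named mdeploy.php still exists under DIR.
mdeploy_present() {
    [ -n "$(find "$1" -type f -name mdeploy.php 2>/dev/null | head -n 1)" ]
}

# triage DIR RELEASE: prints a verdict; returns 0 only if no urgent action remains.
triage() {
    rc=0; is_affected "$2" || rc=$?
    if [ "$rc" -eq 2 ]; then
        echo "UNKNOWN: cannot parse release '$2'"; return 2
    elif [ "$rc" -eq 1 ]; then
        echo "OK: $2 is not in the affected ranges"; return 0
    elif mdeploy_present "$1"; then
        echo "ACTION: $2 is affected and mdeploy.php is present; upgrade or apply the workaround"
        return 1
    fi
    echo "MITIGATED: $2 is affected but mdeploy.php is removed; an upgrade is still due"
}

# Usage: sh triage.sh /path/to/moodle 2.8.3
if [ "$#" -eq 2 ]; then triage "$1" "$2"; fi
```

The file check only covers the "delete the file" half of the workaround; if access is blocked in the web server config instead, confirm that separately with a request to the site.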