MSA-25-0011 Exploit Detection

MSA-25-0011 Exploit Detection

Natassia Stelmaszek發表於
Number of replies: 7

I made the updates to correct this issue.  Do any of you know how I could check to see if anyone has tried to exploit this flaw?  What to look for in the logs?  Any ideas?

Natassia

評比平均分數: -
In reply to Natassia Stelmaszek

Re: MSA-25-0011 Exploit Detection

Eduardo Kraus發表於
Particularly helpful Moodlers的相片 Plugin developers的相片 Testers的相片
What would MSA-25-0011 be?
評比平均分數: -
In reply to Eduardo Kraus

Re: MSA-25-0011 Exploit Detection

Michael Hawkins發表於
Core developers的相片 Moodle HQ的相片 Particularly helpful Moodlers的相片 Peer reviewers的相片 Testers的相片
Hi Eduardo,
 
In line with our Security Procedures, information about security fixes is published to https://moodle.org/security/ approximately one week after release.
評比平均分數:Useful (2)
In reply to Michael Hawkins

Re: MSA-25-0011 Exploit Detection

Natassia Stelmaszek發表於

It sounds like you're saying that you can't tell me how to detect a compromise without revealing how to exploit the flaw, correct?

Natassia

評比平均分數: -
In reply to Natassia Stelmaszek

Re: MSA-25-0011 Exploit Detection

Michael Hawkins發表於
Core developers的相片 Moodle HQ的相片 Particularly helpful Moodlers的相片 Peer reviewers的相片 Testers的相片
Hi Natassia,

My previous reply was specifically addressing Eduado's question. However I believe you are correct, the details you are asking about would either potentially expose exploit information, or at least reveal details that are not currently published in a public forum.
評比平均分數: -
In reply to Natassia Stelmaszek

Re: MSA-25-0011 Exploit Detection

Maresa M.發表於
Particularly helpful Moodlers的相片

Hi Natassia, 

how did you come to know about MSA-25-0011 ?
I subscribe to Michael's info releases but so far nothing was released and I looked at all the version release info and couldn't find anything. Is there another spot to look up where you got the info about 0011?#

Best, Maresa

評比平均分數: -
In reply to Maresa M.

Re: MSA-25-0011 Exploit Detection

Michael Hawkins發表於
Core developers的相片 Moodle HQ的相片 Particularly helpful Moodlers的相片 Peer reviewers的相片 Testers的相片

Hi Maresa,

If you are a site administrator, you can opt in for security alerts as part of the site registration process. Sites registered for security alerts receive release and security fix information on release day, which is one week earlier than the public announcements made to https://moodle.org/security/ 

I hope that helps!

評比平均分數:Useful (1)