Security announcements

MSA-08-0005: Bypassing restriction on multiple file uploads

by Petr Skoda -
Topic:Bypassing restriction on multiple file uploads
Severity:Low
Versions affected: <1.7.x
<1.8.4
Reported by:Elites0ft Administrator
Issue no.:MDL-11783
Solution: Upgrade to 1.8.4 or latest stable snapshot.
In case of 1.7.x apply patch from http://cvs.moodle.org/moodle/mod/assignment/type/upload/assignment.class.php?r1=1.32.2.2&r2=1.32.2.3
Discuss this topic  (0 replies so far)

MSA-08-0004: XSS in install.php before installation

by Petr Skoda -
Topic:XSS in install.php before config.php created - no action required on working installations
Severity:Very low
Versions affected: 1.5.x
<1.6.6
<1.7.4
<1.8.4
Reported by:Hanno Boeck (schokokeks)
Issue no.:MDL-12869
Solution: It is recommended to finish installation after uploading of Moodle files. Always use latest stable version for initial installation.
Discuss this topic  (0 replies so far)

MSA-08-0003: Insufficient access control in Login as feature

by Petr Skoda -
Topic:Insufficient access control in Login as feature
Severity:Critical
Versions affected:1.8-1.8.3
Reported by:Johannes Kuhn
Issue no.: MDL-12911
Solution: upgrade to 1.8.4
Patch: MOODLE_18_STABLE http://cvs.moodle.org/moodle/course/loginas.php?r1=1.44.2.1&r2=1.44.2.2

Description:

Critical security problem was discovered in course/loginas.php script. Please make a full update or at least replace this file with latest version from 1.8.4.

Discuss this topic  (0 replies so far)

MSA-08-0001: Access elevation in user edit form

by Petr Skoda -
Topic:Access elevation in user edit form
Severity:Critical
Versions affected:1.5.x
<1.6.6
<1.7.3
Reported by:Gustav Delius
Issue no.:MDL-11663
Solution:upgrade to 1.6.6, 1.7.3 or any other latest stable release
Patches: MOODLE_16_STABLE http://cvs.moodle.org/moodle/user/edit.php?r1=1.112.2.4&r2=1.112.2.4.2.1
MOODLE_17_STABLE http://cvs.moodle.org/moodle/user/edit.php?r1=1.126.2.5&r2=1.126.2.6

Description:

Gustav Delius discovered and reported critical security problem in user editing interface which allows any registered user to significantly elevate his/her own permissions.

Discuss this topic  (0 replies so far)

MSA-08-0002: register_globals=on not supported

by Petr Skoda -
Topic:register_globals=on not supported
Severity:Critical
Versions affected:all past and future versions
Reported by:moodle.com
Issue no.: MDL-12914
Solution: set register_globals=off

Description:

Recently we have discovered several security problems in Moodle code exploitable when register_globals are enabled. This setting is considered to be highly problematic and is the most common source of security problems in PHP applications and PHP itself.

Due to the frequency of reported bugs in Moodle core and extensions caused by this obsoleted setting we have decided to stop supporting servers with register_globals=on completely. Please note that PHP developers do not considered this feature suitable for production servers and it will be completely removed in PHP6.

Latest Moodle versions print a warning on administration notification page if enabled register_globals detected. Please make sure all your servers are properly configured.

Discuss this topic  (1 reply so far)