Several remote vulnerabilities have been discovered in Moodle, a course management system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-1613 Moodle does not enable the Regenerate session id during login setting by default, which makes it easier for remote attackers to conduct session fixation attacks. CVE-2010-1614 Multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) the Login-As feature or (2) when the global search feature is enabled, unspecified global search forms in the Global Search Engine. CVE-2010-1615 Multiple SQL injection vulnerabilities allow remote attackers to execute arbitrary SQL commands via vectors related to (1) the add_to_log function in mod/wiki/view.php in the wiki module, or (2) data validation in some forms elements related to lib/form/selectgroups.php. CVE-2010-1616 Moodle can create new roles when restoring a course, which allows teachers to create new accounts even if they do not have the moodle/user:create capability. CVE-2010-1617 user/view.php does not properly check a role, which allows remote authenticated users to obtain the full names of other users via the course profile page. CVE-2010-1618 A Cross-site scripting (XSS) vulnerability in the phpCAS client library allows remote attackers to inject arbitrary web script or HTML via a crafted URL, which is not properly handled in an error message. CVE-2010-1619 A Cross-site scripting (XSS) vulnerability in the fix_non_standard_entities function in the KSES HTML text cleaning library (weblib.php) allows remote attackers to inject arbitrary web script or HTML via crafted HTML entities. CVE-2010-2228 A Cross-site scripting (XSS) vulnerability in the MNET access-control interface allows remote attackers to inject arbitrary web script or HTML via vectors involving extended characters in a username. CVE-2010-2229 Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php allow remote attackers to inject arbitrary web script or HTML via unspecified parameters. CVE-2010-2230 The KSES text cleaning filter in lib/weblib.php does not properly handle vbscript URIs, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via HTML input. CVE-2010-2231 A Cross-site request forgery (CSRF) vulnerability in report/overview/report.php in the quiz module allows remote attackers to hijack the authentication of arbitrary users for requests that delete quiz attempts via the attemptid parameter. This security update switches to a new upstream version and requires database updates. After installing the fixed package, you must visit <http://localhost/moodle/admin/> and follow the update instructions. For the stable distribution (lenny), these problems have been fixed in version 1.8.13-1. For the unstable distribution (sid), these problems have been fixed in version 1.9.9.dfsg2-1. We recommend that you upgrade your moodle package.
Several remote vulnerabilities have been discovered in Moodle, a course management system. The Common Vulnerabilities and Exposures project identifies the following problems:
Moodle does not enable the Regenerate session id during
login
setting by default, which makes it easier for remote
attackers to conduct session fixation attacks.
Multiple cross-site scripting (XSS) vulnerabilities allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) the Login-As feature or (2) when the global search feature is enabled, unspecified global search forms in the Global Search Engine.
Multiple SQL injection vulnerabilities allow remote attackers
to execute arbitrary SQL commands via vectors related to (1)
the add_to_log function in mod/wiki/view.php in the wiki
module, or (2) data validation in some forms elements
related to lib/form/selectgroups.php.
Moodle can create new roles when restoring a course, which allows teachers to create new accounts even if they do not have the moodle/user:create capability.
user/view.php does not properly check a role, which allows remote authenticated users to obtain the full names of other users via the course profile page.
A Cross-site scripting (XSS) vulnerability in the phpCAS client library allows remote attackers to inject arbitrary web script or HTML via a crafted URL, which is not properly handled in an error message.
A Cross-site scripting (XSS) vulnerability in the fix_non_standard_entities function in the KSES HTML text cleaning library (weblib.php) allows remote attackers to inject arbitrary web script or HTML via crafted HTML entities.
A Cross-site scripting (XSS) vulnerability in the MNET access-control interface allows remote attackers to inject arbitrary web script or HTML via vectors involving extended characters in a username.
Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php allow remote attackers to inject arbitrary web script or HTML via unspecified parameters.
The KSES text cleaning filter in lib/weblib.php does not properly handle vbscript URIs, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via HTML input.
A Cross-site request forgery (CSRF) vulnerability in report/overview/report.php in the quiz module allows remote attackers to hijack the authentication of arbitrary users for requests that delete quiz attempts via the attemptid parameter.
This security update switches to a new upstream version and requires database updates. After installing the fixed package, you must visit <http://localhost/moodle/admin/> and follow the update instructions.
For the stable distribution (lenny), these problems have been fixed in version 1.8.13-1.
For the unstable distribution (sid), these problems have been fixed in version 1.9.9.dfsg2-1.
We recommend that you upgrade your moodle package.
MD5 checksums of the listed files are available in the original advisory.
Vulmon