Published: 15/11/2011 Updated: 15/11/2011

CVSS v2 Base Score: 6 | Impact Score: 6.4 | Exploitability Score: 6.8

VMScore: 534

Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Mahara prior to 1.4.1, when MNet (aka the Moodle network feature) is used, allows remote authenticated users to gain privileges via a jump to an XMLRPC target.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mahara mahara 1.3.5
mahara mahara 1.1.1
mahara mahara 1.0.2
mahara mahara 1.0.4
mahara mahara 1.0.12
mahara mahara 1.0.10
mahara mahara 1.1.0
mahara mahara 1.4
mahara mahara 1.3.0
mahara mahara 1.1.9
mahara mahara 1.2.0
mahara mahara 1.1
mahara mahara 1.0.5
mahara mahara 1.0.8
mahara mahara 1.0.7
mahara mahara 1.2.6
mahara mahara 1.0.13
mahara mahara 1.1.6
mahara mahara 1.1.5
mahara mahara 1.0.9
mahara mahara 1.1.2
mahara mahara 1.3.7
mahara mahara 1.0.3
mahara mahara 0.9.1
mahara mahara 1.0.1
mahara mahara 0.9.2
mahara mahara 1.0.14
mahara mahara 1.0.15
mahara mahara 1.1.7
mahara mahara 1.2.4
mahara mahara 1.2.3
mahara mahara 1.2.5
mahara mahara
mahara mahara 1.0.11
mahara mahara 1.2.1
mahara mahara 0.9.0
mahara mahara 1.3.3
mahara mahara 1.2.2
mahara mahara 1.3.4
mahara mahara 1.3.6
mahara mahara 1.0.6
mahara mahara 1.0.0
mahara mahara 1.3.1
mahara mahara 1.3.2
mahara mahara 1.1.4
mahara mahara 1.1.3
mahara mahara 1.1.8

CWE-264 http://security.debian.org/debian-security/pool/updates/main/m/mahara/mahara_1.2.6-2+squeeze3.debian.tar.gz http://www.debian.org/security/2011/dsa-2334 https://launchpad.net/mahara/+milestone/1.4.1 https://bugs.launchpad.net/mahara/+bug/884223 http://openwall.com/lists/oss-security/2011/11/04/10 http://secunia.com/advisories/46719 http://mahara.org/interaction/forum/topic.php?id=4138 http://openwall.com/lists/oss-security/2011/11/04/7 https://nvd.nist.gov

CVE-2011-4118

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect