漏洞信息详情
Moodle 'config.php'随机密码暴力破解漏洞
- CNNVD编号:CNNVD-200912-212
- 危害等级: 中危
- CVE编号: CVE-2009-4304
- 漏洞类型: 信任管理问题
- 发布时间: 2009-12-16
- 威胁类型: 远程
- 更新时间: 2020-12-02
- 厂 商: moodle
- 漏洞来源: Andrea Tuccia, Adr...
漏洞简介
Moodle是一个Web在线课程系统。Moodle不使用config.php中的随机密码,更易于攻击者导致强力密码猜中攻击。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Moodle moodle 1.9
Moodle moodle-1.9.7.tgz
http://download.moodle.org/stable19/moodle-1.9.7.tgz
Debian Linux 5.0 hppa
Debian moodle_1.8.2.dfsg-3+lenny3_all.deb
http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfs g-3+lenny3_all.deb
Debian Linux 5.0 ia-64
Debian moodle_1.8.2.dfsg-3+lenny3_all.deb
http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfs g-3+lenny3_all.deb
Debian Linux 5.0 m68k
Debian moodle_1.8.2.dfsg-3+lenny3_all.deb
http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfs g-3+lenny3_all.deb
Debian Linux 5.0 arm
Debian moodle_1.8.2.dfsg-3+lenny3_all.deb
http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfs g-3+lenny3_all.deb
Debian Linux 5.0 armel
Debian moodle_1.8.2.dfsg-3+lenny3_all.deb
http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfs g-3+lenny3_all.deb
Debian Linux 5.0
Debian moodle_1.8.2.dfsg-3+lenny3_all.deb
http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfs g-3+lenny3_all.deb
Debian Linux 5.0 alpha
Debian moodle_1.8.2.dfsg-3+lenny3_all.deb
http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfs g-3+lenny3_all.deb
Debian Linux 5.0 amd64
Debian moodle_1.8.2.dfsg-3+lenny3_all.deb
http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfs g-3+lenny3_all.deb
Debian Linux 5.0 ia-32
Debian moodle_1.8.2.dfsg-3+lenny3_all.deb
http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfs g-3+lenny3_all.deb
Debian Linux 5.0 mips
Debian moodle_1.8.2.dfsg-3+lenny3_all.deb
http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfs g-3+lenny3_all.deb
Debian Linux 5.0 s/390
Debian moodle_1.8.2.dfsg-3+lenny3_all.deb
http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfs g-3+lenny3_all.deb
Debian Linux 5.0 mipsel
Debian moodle_1.8.2.dfsg-3+lenny3_all.deb
http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfs g-3+lenny3_all.deb
Debian Linux 5.0 powerpc
Debian moodle_1.8.2.dfsg-3+lenny3_all.deb
http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfs g-3+lenny3_all.deb
Debian Linux 5.0 sparc
Debian moodle_1.8.2.dfsg-3+lenny3_all.deb
http://security.debian.org/pool/updates/main/m/moodle/moodle_1.8.2.dfs g-3+lenny3_all.deb
Moodle moodle 1.8.10
Moodle moodle-1.8.11.tgz
http://download.moodle.org/stable18/moodle-1.8.11.tgz
Moodle moodle 1.8.2
Moodle moodle-1.8.11.tgz
http://download.moodle.org/stable18/moodle-1.8.11.tgz
Moodle moodle 1.8.3
Moodle moodle-1.8.11.tgz
http://download.moodle.org/stable18/moodle-1.8.11.tgz
Moodle moodle 1.8.4
Moodle moodle-1.8.11.tgz
http://download.moodle.org/stable18/moodle-1.8.11.tgz
Moodle moodle 1.8.5
Moodle moodle-1.8.11.tgz
http://download.moodle.org/stable18/moodle-1.8.11.tgz
Moodle moodle 1.8.6
Moodle moodle-1.8.11.tgz
http://download.moodle.org/stable18/moodle-1.8.11.tgz
Moodle moodle 1.8.7
Moodle moodle-1.8.11.tgz
http://download.moodle.org/stable18/moodle-1.8.11.tgz
Moodle moodle 1.8.8
Moodle moodle-1.8.11.tgz
http://download.moodle.org/stable18/moodle-1.8.11.tgz
Moodle moodle 1.8.9
Moodle moodle-1.8.11.tgz
http://download.moodle.org/stable18/moodle-1.8.11.tgz
Moodle moodle 1.9.2
Moodle moodle-1.9.7.tgz
http://download.moodle.org/stable19/moodle-1.9.7.tgz
Moodle moodle 1.9.3
Moodle moodle-1.9.7.tgz
http://download.moodle.org/stable19/moodle-1.9.7.tgz
Moodle moodle 1.9.3
Moodle moodle-1.9.7.tgz
http://download.moodle.org/stable19/moodle-1.9.7.tgz
Moodle moodle 1.9.4
Moodle moodle-1.9.7.tgz
http://download.moodle.org/stable19/moodle-1.9.7.tgz
Moodle moodle 1.9.6
Moodle moodle-1.9.7.tgz
http://download.moodle.org/stable19/moodle-1.9.7.tgz
参考网址
来源:SECUNIA
链接:http://secunia.com/advisories/37614
来源:FEDORA
链接:https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00704.HTML
来源:CONFIRM
链接:http://docs.moodle.org/en/Moodle_1.9.7_release_notes
来源:CONFIRM
链接:http://docs.moodle.org/en/Moodle_1.8.11_release_notes
来源:VUPEN
链接:http://www.vupen.com/english/advisories/2009/3455
来源:BID
链接:https://www.securityfocus.com/bid/37244
来源:CONFIRM
链接:http://moodle.org/mod/forum/discuss.php?d=139111
来源:FEDORA
链接:https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00730.HTML
来源:FEDORA
链接:https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00751.HTML
受影响实体
- Moodle Moodle:1.9.6
- Moodle Moodle:1.9.5
- Moodle Moodle:1.9.4
- Moodle Moodle:1.9.2
- Moodle Moodle:1.9.3
补丁
暂无
![weinxin](http://zone.ci/zone_ci_images/zone.ci.png)
评论