Moodle

Security Focus reporting remote exploit in TeX filter

Details

  • Type: Bug Bug
  • Status: Closed Closed
  • Priority: Major Major
  • Resolution: Not a bug
  • Affects Version/s: 1.9.3
  • Fix Version/s: None
  • Component/s: Filters
  • Labels:
    None
  • Affected Branches:
    MOODLE_19_STABLE

Description

Don't know if this is for real or not, but ran across this report a few minutes ago:

http://www.securityfocus.com/archive/1/499219/30/0/threaded

They're claiming it against 1.9.3.

Activity

Ascending order - Click to sort in descending order
Hide
Permalink
Petr Škoda (skodak) added a comment -

the report is not accurate because Moodle is not compatible with register globals - see http://moodle.org/mod/forum/discuss.php?d=87969

thanks for the report

Show
Petr Škoda (skodak) added a comment - the report is not accurate because Moodle is not compatible with register globals - see http://moodle.org/mod/forum/discuss.php?d=87969 thanks for the report
Hide
Permalink
Petr Škoda (skodak) added a comment -

the tex filter bug was fixed already

Show
Petr Škoda (skodak) added a comment - the tex filter bug was fixed already
Hide
Permalink
Tony Hursh added a comment -

Thanks, Petr.

I've seen probes for this in the logs for two of my own servers.

We don't have register_globals turned on for any of them, though.

Show
Tony Hursh added a comment - Thanks, Petr. I've seen probes for this in the logs for two of my own servers. We don't have register_globals turned on for any of them, though.

People

Vote (0)
Watch (0)

Dates

  • Created:
    Updated:
    Resolved:
Atlassian JIRA (v4.4.3#663-r165197) | Report a problem
Powered by a free Atlassian JIRA open source license for Moodle. Try JIRA - bug tracking software for your team.