Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-16986

Quiz IP protection broken in Moodle 1.9.2.!

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Critical Critical
    • 1.7.7, 1.8.8, 1.9.4
    • 1.9.2
    • Quiz
    • None
    • MOODLE_19_STABLE
    • MOODLE_17_STABLE, MOODLE_18_STABLE, MOODLE_19_STABLE

      Later studing logs I found a very worring issue: students can access IP-protected quizzes on our site from any computer! I try it myself under student login and found I can do this too. Also, Moodle will stop show the messages about IP-protection for the teachers if they used a computer outside valid range. This is a disaster to the security policy of our university!

      IP address range used on our quizzes: 172.16.1.143/148, 172.16.1.136/137, 172.16.1.98/126.
      Examples of addresses with student access from the logs: 85.172.119.4 or 213.234.0.194
      The role for student is a standart Moodle role, without any redefinition.

      I can e-mail you login and password to access to one of our courses with such quizzes with a student role if you can't reproduce the bug.

      Please fix this with all possible speed. I already detected about 10 student's attempts to access protected quizzes (and save it's contents with feedback, they don't even bother to try to answer the questions).

            timhunt Tim Hunt
            oa_sychev Oleg Sychev
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved:

                Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.