Affects Version/s: 3.1.1
Fix Version/s: None
By default, Moodle has got a public path which is accessible by everybody. The path is:
For example, if you use the moodle sandbox:
The file called cron.php is a script which is used to maintance tasks and it uses RAM memory. You can execute this file across web connection.
In this way, a malicious user could do a program which connects every second to this path to execute this file. Therefore, the malicious user consume a lot of memory and it could cause the server is down. In security, this attack is called such as Denegation of Service (DoS).
The steps are:
1. Connect to path http://XXXXXX/admin/cron.php or alternative paths such as http://XXXXX/moodle/admin/cron.php
2. When you access this path, if the administrator doesn't change the default configuration, the script called cron.php is executed.
3. Repeat the before steps all time until the web server doesn't reply. It would show a 500 Error which indicates the server is down.
Moodle has got a option to ban the web connection to execute the file cron.php but by default, it is disable, so if you want to solve this vulnerability, Moodle must have got this configuration option enabled by default.