Vulnerabilities > CVE-2005-2247 - Unspecified vulnerability in Moodle

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

moodle

critical

nessus

NVD

Published: 2005-07-12

Updated: 2020-12-01

Summary

Multiple unknown vulnerabilities in Moodle before 1.5.1 have unknown impact and attack vectors.

Vulnerable Configurations

Part	Description	Count
Application	Moodle Moodle Moodle 1.1.1 Moodle Moodle 1.2.0 Moodle Moodle 1.2.1 Moodle Moodle 1.3.0 Moodle Moodle 1.3.1 Moodle Moodle 1.3.2 Moodle Moodle 1.3.3 Moodle Moodle 1.3.4 Moodle Moodle 1.4.1 Moodle Moodle 1.4.2 Moodle Moodle 1.4.3 Moodle Moodle 1.4.4 Moodle Moodle 1.4.5 Moodle Moodle 1.5 Moodle Moodle 1.5_Beta	15

Nessus

NASL family	CGI abuses
NASL id	MOODLE_151.NASL
description	According to its banner, the version of Moodle installed on the remote host is affected by multiple unspecified vulnerabilities.
last seen	2020-06-01
modified	2020-06-02
plugin id	18691
published	2005-07-13
reporter	This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/18691
title	Moodle < 1.5.1 Multiple Vulnerabilities
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(18691); script_version("1.13"); script_cvs_date("Date: 2018/06/13 18:56:28"); script_cve_id("CVE-2005-2247"); script_bugtraq_id(14224); script_name(english:"Moodle < 1.5.1 Multiple Vulnerabilities"); script_summary(english:"Checks for multiple vulnerabilities in Moodle < 1.5.1."); script_set_attribute(attribute:"synopsis", value: "The remote web server contains a PHP application that is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "According to its banner, the version of Moodle installed on the remote host is affected by multiple unspecified vulnerabilities."); script_set_attribute(attribute:"see_also", value:"http://moodle.org/doc/index.php?file=release.html"); script_set_attribute(attribute:"solution", value:"Upgrade to Moodle 1.5.1 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"vuln_publication_date", value:"2005/07/08"); script_set_attribute(attribute:"patch_publication_date", value:"2005/07/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2005/07/13"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:moodle:moodle"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"CGI abuses"); script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc."); script_dependencies("moodle_detect.nasl"); script_require_keys("www/PHP", "installed_sw/Moodle"); script_require_ports("Services/www", 80); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("http.inc"); include("install_func.inc"); app = "Moodle"; get_install_count(app_name:app, exit_if_zero:TRUE); port = get_http_port(default:80, php:TRUE); install = get_single_install( app_name : app, port : port, exit_if_unknown_ver : TRUE ); dir = install['path']; version = install['version']; install_url = build_url(port:port, qs:dir); if (version =~ "^1\.([0-4]($\|[^0-9])\|5([^0-9]\|$))") { if (report_verbosity > 0) { report = '\n URL : ' + install_url + '\n Installed version : ' + version + '\n Fixed version : 1.5.1' + '\n'; security_hole(port:port, extra:report); } else security_hole(port); } else audit(AUDIT_WEB_APP_NOT_AFFECTED, app, install_url, version);

Summary

Vulnerable Configurations

Nessus

References