Vulnerabilities > CVE-2015-2268 - Resource Management Errors vulnerability in Moodle

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
network
low complexity
moodle
CWE-399
nessus

Summary

filter/urltolink/filter.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to cause a denial of service (CPU consumption or partial outage) via a crafted string that is matched against an improper regular expression.

Vulnerable Configurations

Part Description Count
Application
Moodle
170

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-4530.NASL
    descriptionUpdate to latest versions of the respective branches. f20 has been updated from 2.5.x to 2.6.x because 2.5.x is EOL. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-04-07
    plugin id82601
    published2015-04-07
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82601
    titleFedora 20 : moodle-2.6.10-1.fc20 (2015-4530)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-4613.NASL
    descriptionUpdate to latest versions of the respective branches. f20 has been updated from 2.5.x to 2.6.x because 2.5.x is EOL. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-04-22
    plugin id82939
    published2015-04-22
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82939
    titleFedora 22 : moodle-2.8.5-1.fc22 (2015-4613)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2015-4724.NASL
    descriptionUpdate to latest versions of the respective branches. f20 has been updated from 2.5.x to 2.6.x because 2.5.x is EOL. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2015-04-07
    plugin id82610
    published2015-04-07
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/82610
    titleFedora 21 : moodle-2.7.7-1.fc21 (2015-4724)