Moodle 1.9.x < 1.9.17 Multiple Vulnerabilities

The remote web server hosts Moodle, an open-source course management system. Versions of Moodle 1.9.x prior to 1.9.17 are exposed to the following vulnerabilities :

• A flaw exists that may lead to an unauthorized information disclosure. The issue is triggered when handling permissions in the database activity module, which will disclose database entry information to a remote attacker. (CVE-2012-1155)
• A flaw exists that may lead to an unauthorized information disclosure. The issue is triggered when input is passed to the ‘repository/coursefiles/db/access.php’, ‘repository/filesystem/db/access.php’, ‘repository/local/db/access.php’, and ‘repository/webdav/db/access.php’ scripts, which will disclose Repository information to a remote attacker. (CVE-2012-1157)
• A flaw exists that may lead to an unauthorized information disclosure. The issue is triggered when permissions are incorrectly handled by the ‘grade/export/grade_export_form.php’ script in the ‘definition()’ function, which will disclose hidden grades to a remote attacker. (CVE-2012-1158)
• A flaw exists that may lead to an unauthorized information disclosure. The issue is triggered when access permissions are handled incorrectly by the ‘fill_table()’ function in the ‘grade/report/overview/lib.php’ script when viewing the overview report, which will disclose hidden courses to a remote attacker. (CVE-2012-1159)
• A flaw exists related to the ‘mod/forum/index.php’ script. This flaw may allow an attacker to subscribe to course forums that may otherwise be restricted. (CVE-2012-1160)
• A flaw exists that may lead to an unauthorized information disclosure. The issue is triggered when input passed via the ‘coursetag_get_tagged_courses()’ function in the ‘tag/coursetagslib.php’ script is not properly verified before being used in a search, which will disclose a hidden course to a remote attacker. (CVE-2012-1161)
• A flaw exists related to the ‘core_user_update_users’ function. An error in the function resets a password when updating users, which will allow an attacker to log in to a user’s account with a blank password. (CVE-2012-1168)
• A flaw exists that may lead to an unauthorized information disclosure. The issue is triggered when information passed via the ‘load_for_user()’ function is not properly sanitized upon submission to the ‘lib/navigationlib.php’ script, which will disclose a user’s last name to a remote attacker. (CVE-2012-1169)
• A flaw exists that may lead to an unauthorized information disclosure. The issue is triggered when info passed via the ‘get_enrolled_users()’ function in the ‘enrol/externallib.php’ script is not properly verified before being returned to the user, which will disclose enrolled users to a remote attacker. (CVE-2012-1170)