Lucene search
Ubuntu.comUB:CVE-2009-4302HistoryDec 16, 2009 - 12:00 a.m.
CVE-2009-4302
2009-12-1600:00:00
ubuntu.com
ubuntu.com
12
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.005
Percentile
77.6%
login/index_form.html in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7
links to an index page on the HTTP port even when the page is served from
an HTTPS port, which might cause login credentials to be sent in cleartext,
even when SSL is intended, and allows remote attackers to obtain these
credentials by sniffing.
Related
prion
prion
Design/Logic Flaw
2009-12-16 01:30:00
nvd
nvd
CVE-2009-4302
2009-12-16 01:30:00
cvelist
cvelist
CVE-2009-4302
2009-12-16 01:00:00
cve
cve
CVE-2009-4302
2009-12-16 01:30:00
nessus
nessus
Debian DSA-1986-1 : moodle - several vulnerabilities
2010-02-24 00:00:00
openSUSE Security Update : moodle (moodle-1933)
2010-02-15 00:00:00
openSUSE Security Update : moodle (moodle-1933)
2010-02-15 00:00:00
osv
osv
moodle - several vulnerabilities
2010-02-02 00:00:00
securityvulns
securityvulns
openvas
openvas
Debian: Security Advisory (DSA-1986-1)
2010-02-10 00:00:00
Debian Security Advisory DSA 1986-1 (moodle)
2010-02-10 00:00:00
Fedora Core 11 FEDORA-2009-13080 (moodle)
2009-12-14 00:00:00
debian
debian
[SECURITY] [DSA 1986-1] New moodle packages fix several vulnerabilities
2010-02-02 19:16:23
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.005
Percentile
77.6%
Related for UB:CVE-2009-4302