First published: Wed Dec 16 2009(Updated: )
Multiple unspecified authentication plugins in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 store the MD5 hashes for passwords in the user table, even when the cached hashes are not used by the plugin, which might make it easier for attackers to obtain credentials via unspecified vectors.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Moodle Moodle | =1.9.4 | |
Moodle Moodle | =1.9.1 | |
Moodle Moodle | =1.8.8 | |
Moodle Moodle | =1.9.6 | |
Moodle Moodle | =1.8.2 | |
Moodle Moodle | =1.9.2 | |
Moodle Moodle | =1.8.5 | |
Moodle Moodle | =1.8.3 | |
Moodle Moodle | =1.8.9 | |
Moodle Moodle | =1.8.7 | |
Moodle Moodle | =1.8.10 | |
Moodle Moodle | =1.9.3 | |
Moodle Moodle | =1.9.5 | |
Moodle Moodle | =1.8.4 | |
Moodle Moodle | =1.8.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.