QwikSec

Security Database

CVE

CWE

Training

CVE-2011-4302

Published: Jul 11, 2012

Modified: Aug 7, 2024

PUBLISHED

Description

mnet/xmlrpc/client.php in MNET in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 does not properly process the return value of the openssl_verify function, which allows remote attackers to bypass validation via a crafted certificate.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://moodle.org/mod/forum/discuss.php?d=188314

x_refsource_CONFIRM

http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=54941685e3e86ec085641dcb7ebb1f96f06735b2

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=747444

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.