QwikSec

Security Database

CVE

CWE

Training

CVE-2011-4592

Published: Jul 20, 2012

Modified: Aug 7, 2024

PUBLISHED

Description

The command-line cron implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly interact with IP blocking, which might allow remote attackers to bypass intended IP address restrictions by leveraging a configuration in which IP blocking was disabled to restore cron functionality.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugzilla.redhat.com/show_bug.cgi?id=761248

x_refsource_CONFIRM

http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=ade30ad3c420ce035a3d68287db701b70e806b3f

x_refsource_CONFIRM

http://moodle.org/mod/forum/discuss.php?d=191761

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.