Upstream information

CVE-2010-1616 at MITRE

Description

Moodle 1.8.x and 1.9.x before 1.9.8 can create new roles when restoring a course, which allows teachers to create new accounts even if they do not have the moodle/user:create capability.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 4
Vector AV:N/AC:L/Au:S/C:N/I:P/A:N
Access Vector Network
Access Complexity Low
Authentication Single
Confidentiality Impact None
Integrity Impact Partial
Availability Impact None
SUSE Bugzilla entry: 591850 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 11.0
  • moodle-debuginfo >= 1.9.8-0.1
openSUSE 11.0
  • moodle >= 1.9.8-0.1
  • moodle-af >= 1.9.8-0.1
  • moodle-ar >= 1.9.8-0.1
  • moodle-be >= 1.9.8-0.1
  • moodle-bg >= 1.9.8-0.1
  • moodle-bs >= 1.9.8-0.1
  • moodle-ca >= 1.9.8-0.1
  • moodle-cs >= 1.9.8-0.1
  • moodle-da >= 1.9.8-0.1
  • moodle-de >= 1.9.8-0.1
  • moodle-de_du >= 1.9.8-0.1
  • moodle-el >= 1.9.8-0.1
  • moodle-es >= 1.9.8-0.1
  • moodle-et >= 1.9.8-0.1
  • moodle-eu >= 1.9.8-0.1
  • moodle-fa >= 1.9.8-0.1
  • moodle-fi >= 1.9.8-0.1
  • moodle-fr >= 1.9.8-0.1
  • moodle-ga >= 1.9.8-0.1
  • moodle-gl >= 1.9.8-0.1
  • moodle-he >= 1.9.8-0.1
  • moodle-hi >= 1.9.8-0.1
  • moodle-hr >= 1.9.8-0.1
  • moodle-hu >= 1.9.8-0.1
  • moodle-id >= 1.9.8-0.1
  • moodle-is >= 1.9.8-0.1
  • moodle-it >= 1.9.8-0.1
  • moodle-ja >= 1.9.8-0.1
  • moodle-ka >= 1.9.8-0.1
  • moodle-km >= 1.9.8-0.1
  • moodle-kn >= 1.9.8-0.1
  • moodle-ko >= 1.9.8-0.1
  • moodle-lt >= 1.9.8-0.1
  • moodle-lv >= 1.9.8-0.1
  • moodle-mi_tn >= 1.9.8-0.1
  • moodle-ms >= 1.9.8-0.1
  • moodle-nl >= 1.9.8-0.1
  • moodle-nn >= 1.9.8-0.1
  • moodle-no >= 1.9.8-0.1
  • moodle-pl >= 1.9.8-0.1
  • moodle-pt >= 1.9.8-0.1
  • moodle-ro >= 1.9.8-0.1
  • moodle-ru >= 1.9.8-0.1
  • moodle-sk >= 1.9.8-0.1
  • moodle-sl >= 1.9.8-0.1
  • moodle-so >= 1.9.8-0.1
  • moodle-sq >= 1.9.8-0.1
  • moodle-sr >= 1.9.8-0.1
  • moodle-sv >= 1.9.8-0.1
  • moodle-th >= 1.9.8-0.1
  • moodle-tl >= 1.9.8-0.1
  • moodle-tr >= 1.9.8-0.1
  • moodle-uk >= 1.9.8-0.1
  • moodle-vi >= 1.9.8-0.1
  • moodle-zh_cn >= 1.9.8-0.1
openSUSE 11.1
  • moodle-debuginfo >= 1.9.8-0.1.1
openSUSE 11.1
  • moodle >= 1.9.8-0.1.1
  • moodle-af >= 1.9.8-0.1.1
  • moodle-ar >= 1.9.8-0.1.1
  • moodle-be >= 1.9.8-0.1.1
  • moodle-bg >= 1.9.8-0.1.1
  • moodle-bs >= 1.9.8-0.1.1
  • moodle-ca >= 1.9.8-0.1.1
  • moodle-cs >= 1.9.8-0.1.1
  • moodle-da >= 1.9.8-0.1.1
  • moodle-de >= 1.9.8-0.1.1
  • moodle-de_du >= 1.9.8-0.1.1
  • moodle-el >= 1.9.8-0.1.1
  • moodle-es >= 1.9.8-0.1.1
  • moodle-et >= 1.9.8-0.1.1
  • moodle-eu >= 1.9.8-0.1.1
  • moodle-fa >= 1.9.8-0.1.1
  • moodle-fi >= 1.9.8-0.1.1
  • moodle-fr >= 1.9.8-0.1.1
  • moodle-ga >= 1.9.8-0.1.1
  • moodle-gl >= 1.9.8-0.1.1
  • moodle-he >= 1.9.8-0.1.1
  • moodle-hi >= 1.9.8-0.1.1
  • moodle-hr >= 1.9.8-0.1.1
  • moodle-hu >= 1.9.8-0.1.1
  • moodle-id >= 1.9.8-0.1.1
  • moodle-is >= 1.9.8-0.1.1
  • moodle-it >= 1.9.8-0.1.1
  • moodle-ja >= 1.9.8-0.1.1
  • moodle-ka >= 1.9.8-0.1.1
  • moodle-km >= 1.9.8-0.1.1
  • moodle-kn >= 1.9.8-0.1.1
  • moodle-ko >= 1.9.8-0.1.1
  • moodle-lt >= 1.9.8-0.1.1
  • moodle-lv >= 1.9.8-0.1.1
  • moodle-mi_tn >= 1.9.8-0.1.1
  • moodle-ms >= 1.9.8-0.1.1
  • moodle-nl >= 1.9.8-0.1.1
  • moodle-nn >= 1.9.8-0.1.1
  • moodle-no >= 1.9.8-0.1.1
  • moodle-pl >= 1.9.8-0.1.1
  • moodle-pt >= 1.9.8-0.1.1
  • moodle-ro >= 1.9.8-0.1.1
  • moodle-ru >= 1.9.8-0.1.1
  • moodle-sk >= 1.9.8-0.1.1
  • moodle-sl >= 1.9.8-0.1.1
  • moodle-so >= 1.9.8-0.1.1
  • moodle-sq >= 1.9.8-0.1.1
  • moodle-sr >= 1.9.8-0.1.1
  • moodle-sv >= 1.9.8-0.1.1
  • moodle-th >= 1.9.8-0.1.1
  • moodle-tl >= 1.9.8-0.1.1
  • moodle-tr >= 1.9.8-0.1.1
  • moodle-uk >= 1.9.8-0.1.1
  • moodle-vi >= 1.9.8-0.1.1
  • moodle-zh_cn >= 1.9.8-0.1.1