CVE-2009-4304

Опубликовано: 16 дек. 2009

Источник: debian

EPSS Низкий

Описание

Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random password salt in config.php, which makes it easier for attackers to conduct brute-force password guessing attacks.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
moodle	fixed	1.9.8-1		package
moodle	no-dsa		lenny	package
moodle	no-dsa		etch	package

Примечания

MSA-09-0029

EPSS

Процентиль: 78%

0.01245

Низкий

Связанные уязвимости

CVE-2009-4304

ubuntu

больше 15 лет назад

Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random password salt in config.php, which makes it easier for attackers to conduct brute-force password guessing attacks.

CVE-2009-4304

redhat

больше 15 лет назад

Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random password salt in config.php, which makes it easier for attackers to conduct brute-force password guessing attacks.

CVE-2009-4304

nvd

больше 15 лет назад

Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random password salt in config.php, which makes it easier for attackers to conduct brute-force password guessing attacks.

GHSA-gmx9-p92v-48wf

github

около 3 лет назад

Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random password salt in config.php, which makes it easier for attackers to conduct brute-force password guessing attacks.

EPSS

Процентиль: 78%

0.01245

Низкий