Moodle Forum 'post.php' Unauthorized Post Deletion CSRF

medium Nessus Plugin ID 35749

Synopsis

The remote web server contains a PHP application that is affected by a cross-site request forgery vulnerability.

Description

The 'forum' code in the version of Moodle installed on the remote host is affected by a cross-site request forgery vulnerability due to a failure to properly validate requests before deleting forum posts. If an attacker can trick a Moodle user into clicking on a malicious link, this issue could be leveraged to delete the user's posts.

Note that this install is also likely affected by several other vulnerabilities, including one allowing for arbitrary code execution, although Nessus has not checked for them.

Solution

Upgrade to Moodle version 1.9.4 / 1.8.8 / 1.7.7 or later.

See Also

http://docs.moodle.org/en/Moodle_1.9.4_release_notes

http://docs.moodle.org/en/Moodle_1.8.8_release_notes

https://moodle.org/mod/forum/discuss.php?d=115529

Plugin Details

Severity: Medium

ID: 35749

File Name: moodle_forum_csrf.nasl

Version: 1.19

Type: remote

Family: CGI abuses

Published: 2/27/2009

Updated: 6/6/2024

Configuration: Enable thorough checks

Supported Sensors: Nessus

Enable CGI Scanning: true

Risk Information

VPR

Risk Factor: Low

Score: 3.7

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:moodle:moodle

Required KB Items: www/PHP, installed_sw/Moodle

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

CVE: CVE-2009-0499

BID: 33615

CWE: 352

SECUNIA: 33775