Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-791-2: Moodle vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-791-2: Moodle vulnerability
# 1  
Old 06-24-2009
USN-791-2: Moodle vulnerability
Referenced CVEs:
CVE-2009-1171


Description:
=========================================================== Ubuntu Security Notice USN-791-2 June 24, 2009 moodle vulnerability CVE-2009-1171 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 9.04: moodle 1.9.4.dfsg-0ubuntu1.1 After a standard system upgrade you need to access the Moodle instance and accept the database update to clear any invalid cached data. Details follow: Christian Eibl discovered that the TeX filter in Moodle allowed any function to be used. An authenticated remote attacker could post a specially crafted TeX formula to execute arbitrary TeX functions, potentially reading any file accessible to the web server user, leading to a loss of privacy. (CVE-2009-1171, MSA-09-0009)





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

cpg_zcb_alloc

CPG_ZCB_ALLOC(2009-04-15)												 CPG_ZCB_ALLOC(2009-04-15)

NAME

       cpg_zcb_alloc - Allocates a zero copy buffer #include <corosync/cpg.h>

       int cpg_zcb_alloc(cpg_handle_t handle, size_t size, void **buffer);

DESCRIPTION

       The  cpg_zcb_alloc  function  will allocate a zero copy buffer for use with the cpg_zcb_mcast_joined(3) funtion.  This buffer should not be
       used in another thread while a cpg_zcb_mcast_joined operation is taking place on the buffer.  The buffer is allocated via operating  system
       mechanisms to avoid copying in the IPC layer.

       The argument handle describes the handle on which the buffer will be allocated.

       The argument size requests a buffer of size be allocated.

       The buffer argument is set to the buffer address that is allocated by this operatoin.

RETURN VALUE

       This call returns the CPG_OK value if successful, otherwise an error is returned.

ERRORS

       The errors are undocumented.

SEE ALSO

       cpg_overview(8),  cpg_initialize(3),  cpg_finalize(3),  cpg_fd_get(3),  cpg_dispatch(3),  cpg_join(3),  cpg_leave(3),  cpg_mcast_joined(3),
       cpg_membership_get(3) cpg_zcb_alloc(3) cpg_zcb_free(3) cpg_zcb_mcast_joined(3) cpg_context_get(3) cpg_context_set(3) cpg_local_get(3)

Corosync Cluster Engine Programmer's Manual			 corosync Man Page					 CPG_ZCB_ALLOC(2009-04-15)