[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [school-discuss] Fwd: Moodle <=1.6dev blind SQL Injection

To: schoolforge-discuss@xxxxxxxxxxxxxxx
Subject: Re: [school-discuss] Fwd: Moodle <=1.6dev blind SQL Injection
From: Miles Berry <mberry@xxxxxxxxxxxxxxxxxxxxx>
Date: Fri, 11 Nov 2005 05:42:54 +0000
Delivered-to: archiver@seul.org
Delivered-to: schoolforge-discuss-outgoing@seul.org
Delivered-to: schoolforge-discuss@seul.org
Delivery-date: Fri, 11 Nov 2005 00:43:08 -0500
In-reply-to: <20051110211643.GH16364@osdn.org.ua>
References: <20051110211643.GH16364@osdn.org.ua>
Reply-to: schoolforge-discuss@xxxxxxxxxxxxxxx
Sender: owner-schoolforge-discuss@xxxxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 1.0.7 (Windows/20050923)

There is an immediate fix and a draft patch posted on moodle.org at
http://moodle.org/mod/forum/discuss.php?d=34185 , together with a heated
discussion on the merits, or otherwise, of publishing security issues in
open source software.
Miles.

Michael Shigorin wrote:
> JFYI
> 
> ----- Forwarded message from retrogod/aliceposta.it -----
> 
> Date: 10 Nov 2005 20:25:51 -0000
> From: retrogod/aliceposta.it
> To: bugtraq/securityfocus.com
> Subject: Moodle <=1.6dev blind SQL Injection
> 
...

References:
- [school-discuss] Fwd: Moodle <=1.6dev blind SQL Injection
  - From: Michael Shigorin

Prev by Author: Re: [school-discuss] Wiki spam
Next by Author: Re: [school-discuss] powering on K12LTSP network after power glitch
Previous by thread: [school-discuss] printer connected to thin client
Next by thread: [school-discuss] Wiki spam: one possible solution
Index(es):
- Author
- Thread