USN-658-1: Moodle vulnerability
23 October 2008
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 8.04 LTS
- Ubuntu 7.10
Lukasz Pilorz discovered that the HTML filtering used in Moodle was not strict enough. A remote attacker could send malicious requests to Moodle and execute arbitrary code as the web server user.
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system upgrade is sufficient to effect the necessary changes.