CVE-2009-4304 in Ubuntu

CVE-2009-4304

Priority

Medium

Description

Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random
password salt in config.php, which makes it easier for attackers to conduct
brute-force password guessing attacks.

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4304

Package

Source: moodle (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 8.04 LTS (Hardy Heron):	ignored (reached end-of-life)
Ubuntu 10.04 LTS (Lucid Lynx):	needed
Ubuntu 11.10 (Oneiric Ocelot):	not-affected (1.9.9.dfsg2-3)
Ubuntu 12.04 LTS (Precise Pangolin):	not-affected (1.9.9.dfsg2-6)
Ubuntu 12.10 (Quantal Quetzal):	not-affected (1.9.9.dfsg2-6)
Ubuntu 13.04 (Raring Ringtail):	not-affected (1.9.9.dfsg2-6)

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2013-04-25 17:14:08 UTC (commit 6757)