CVE-2009-4304

Priority
Medium
Description
Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random
password salt in config.php, which makes it easier for attackers to conduct
brute-force password guessing attacks.
References
Package
Upstream:needs-triage
Ubuntu 10.04 LTS (Lucid Lynx):ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (1.9.9.dfsg2-6)
Ubuntu 12.10 (Quantal Quetzal):not-affected (1.9.9.dfsg2-6)
Ubuntu 13.04 (Raring Ringtail):not-affected (1.9.9.dfsg2-6)
Ubuntu 13.10 (Saucy Salamander):not-affected (1.9.9.dfsg2-6)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (1.9.9.dfsg2-6)
More Information

Valid XHTML 1.0 Strict

Updated: 2013-12-20 21:16:00 UTC (commit 7585)