Candidate: CVE-2013-1835
CRD: 2013-03-11 04:00:00 UTC
PublicDate: 2013-03-25 21:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1835
Description:
 Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and
 2.4.x before 2.4.2 allows remote authenticated administrators to obtain
 sensitive information from the external repositories of arbitrary users by
 leveraging the login_as feature.
Ubuntu-Description: 
Notes: 
 seth-arnold> MSA-13-0018
Bugs: 
Priority: medium
Discovered-by: Andrew Nicols
Assigned-to: 
CVSS: 

Patches_moodle:
 upstream: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36426
upstream_moodle: released (2.4.2, 2.3.5, 2.2.8)
hardy_moodle: ignored (reached end-of-life)
lucid_moodle: not-affected (1.9.4.dfsg-0ubuntu4)
oneiric_moodle: not-affected (1.9.9.dfsg2-3)
precise_moodle: not-affected (1.9.9.dfsg2-6)
precise/esm_moodle: DNE (precise was not-affected [1.9.9.dfsg2-6])
quantal_moodle: ignored (reached end-of-life)
raring_moodle: ignored (reached end-of-life)
saucy_moodle: ignored (reached end-of-life)
trusty_moodle: ignored (reached end-of-life)
trusty/esm_moodle: DNE (trusty was needed)
utopic_moodle: ignored (reached end-of-life)
vivid_moodle: ignored (reached end-of-life)
vivid/stable-phone-overlay_moodle: DNE
vivid/ubuntu-core_moodle: DNE
wily_moodle: ignored (reached end-of-life)
xenial_moodle: ignored (end of standard support, was needed)
yakkety_moodle: ignored (reached end-of-life)
zesty_moodle: ignored (reached end-of-life)
artful_moodle: ignored (reached end-of-life)
bionic_moodle: needed
cosmic_moodle: ignored (reached end-of-life)
disco_moodle: ignored (reached end-of-life)
eoan_moodle: ignored (reached end-of-life)
focal_moodle: DNE
groovy_moodle: DNE
hirsute_moodle: DNE
impish_moodle: DNE
jammy_moodle: DNE
devel_moodle: DNE