PublicDate: 2008-07-25 16:41:00 UTC
Candidate: CVE-2008-3327
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3327
Description:
 Moodle 1.6.5, when display_errors is enabled, allows remote attackers to
 obtain sensitive information via a direct request to (1) blog/blogpage.php
 and (2) course/report/stats/report.php, which reveals the installation path
 in an error message.
Ubuntu-Description:
Notes:
Bugs:
Priority: negligible
Discovered-by:
Assigned-to:
CVSS: 

Patches_moodle:
upstream_moodle: needed
dapper_moodle: ignored (path visibility is not considered a security issue)
feisty_moodle: ignored (path visibility is not considered a security issue)
gutsy_moodle: ignored (path visibility is not considered a security issue)
hardy_moodle: ignored (path visibility is not considered a security issue)
devel_moodle: ignored (path visibility is not considered a security issue)