Candidate: CVE-2014-0126
PublicDate: 2014-03-24 14:20:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0126
 https://moodle.org/mod/forum/discuss.php?d=256423
 http://openwall.com/lists/oss-security/2014/03/17/1
 http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43146
Description:
 Cross-site request forgery (CSRF) vulnerability in
 enrol/imsenterprise/importnow.php in Moodle through 2.3.11, 2.4.x before
 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers
 to hijack the authentication of administrators for requests that import an
 IMS Enterprise file.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_moodle:
upstream_moodle: released (2.5.5)
lucid_moodle: ignored (reached end-of-life)
precise_moodle: ignored (reached end-of-life)
precise/esm_moodle: DNE (precise was needs-triage)
quantal_moodle: ignored (reached end-of-life)
saucy_moodle: ignored (reached end-of-life)
trusty_moodle: ignored (reached end-of-life)
trusty/esm_moodle: DNE (trusty was needed)
utopic_moodle: ignored (reached end-of-life)
vivid_moodle: ignored (reached end-of-life)
vivid/stable-phone-overlay_moodle: DNE
vivid/ubuntu-core_moodle: DNE
wily_moodle: ignored (reached end-of-life)
xenial_moodle: not-affected (2.5.5)
yakkety_moodle: ignored (reached end-of-life)
zesty_moodle: ignored (reached end-of-life)
artful_moodle: ignored (reached end-of-life)
bionic_moodle: not-affected (2.5.5)
cosmic_moodle: not-affected (2.5.5)
disco_moodle: not-affected (2.5.5)
devel_moodle: not-affected (2.5.5)