1
Candidate: CVE-2015-3180
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3180
5
http://www.openwall.com/lists/oss-security/2015/05/18/1
6
https://moodle.org/mod/forum/discuss.php?d=313687
8
lib/navigationlib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x
9
before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to
10
obtain sensitive course-structure information by leveraging access to a
11
student account with a suspended enrolment.
16
Discovered-by: Alex Mitin
20
upstream: http://git.moodle.org/gw?p=moodle.git;a=commitdiff;h=8b4568500b305f7ddedbca355b73ce34ea4afbc0
21
upstream_moodle: released (2.9, 2.8.6, 2.7.8 and 2.6.11)
22
precise_moodle: ignored (reached end-of-life)
23
precise/esm_moodle: DNE (precise was needs-triage)
24
trusty_moodle: needs-triage
25
utopic_moodle: ignored (reached end-of-life)
26
vivid_moodle: ignored (reached end-of-life)
27
vivid/stable-phone-overlay_moodle: DNE
28
vivid/ubuntu-core_moodle: DNE
29
wily_moodle: ignored (reached end-of-life)
31
yakkety_moodle: ignored (reached end-of-life)
32
zesty_moodle: ignored (reached end-of-life)