Moodlerific.org » Security http://www.moodlerific.org become moodlerific! Mon, 14 Jun 2010 20:47:22 +0000 en hourly 1 http://wordpress.org/?v=3.0 [securityalerts] Security notice: problem found in TeX and Algebra filters http://www.moodlerific.org/2009/04/02/securityalerts-security-notice-problem-found-in-tex-and-algebra-filters/ http://www.moodlerific.org/2009/04/02/securityalerts-security-notice-problem-found-in-tex-and-algebra-filters/#comments Thu, 02 Apr 2009 15:39:35 +0000 melissa http://www.moodlerific.org/?p=271 I received this email last night:

Hi Moodle Admins,

A serious problem with the TeX and algebra filters (used for mathematics notation in Moodle) has been found which could allow attackers to access server files.

If you don’t use TeX and algebra notation in your site then you should:

A) Simple disable the TeX and algebra filters completely for now:

Admin > Modules > Filters > Manage Filters

Otherwise you should:

B) Update your Moodle site to the latest weekly version from this week, or
C) Copy the latest files from filter/tex/* into your current install.

The full copy of the security notice MSA-09-0009 is shown below – this will be added to http://moodle.org/security to inform the wider Moodle community sometime next week.

Disclosure Link: http://packetstormsecurity.org/0903-exploits/moodle-disclose.txt

]]> http://www.moodlerific.org/2009/04/02/securityalerts-security-notice-problem-found-in-tex-and-algebra-filters/feed/ 0