CVE-2009-4298

NameCVE-2009-4298
DescriptionThe LAMS module (mod/lams) for Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 stores the (1) username, (2) firstname, and (3) lastname fields within the user table, which allows attackers to obtain user account information via unknown vectors.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-1986-1
Debian Bugs559531

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
moodlesourcelenny1.8.2.dfsg-3+lenny3DSA-1986-1
moodlesource(unstable)1.8.2.dfsg-6559531

Notes

MSA-09-0023

Search for package or bug name: Reporting problems