The rc4encrypt function in lib/moodlelib.php in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 uses a hardcoded password of nfgjeingjk, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by reading this script's source code within the open-source software distribution.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2012-07-17T10:00:00
Updated: 2024-08-06T18:38:14.299Z
Reserved: 2012-01-19T00:00:00
Link: CVE-2012-0794
Vulnrichment
No data.
NVD
Status : Modified
Published: 2012-07-17T10:20:52.973
Modified: 2024-11-21T01:35:44.313
Link: CVE-2012-0794
Redhat
No data.