CVE-2011-4592 - Frothy Firearm

Description

The command-line cron implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly interact with IP blocking which might allow remote attackers to bypass intended IP address restrictions by leveraging a configuration in which IP blocking was disabled to restore cron functionality.

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=761248 http://git.moodle.org/gw?p=moodle.git;a=commit;h=ade30ad3c420ce035a3d68287db701b70e806b3f http://moodle.org/mod/forum/discuss.php?d=191761