CVE-2012-6619: Input Validation
First published: Wed Jan 08 2014(Updated: )
MongoDB was found to be affected by a memory over-read bug that can be used by an authenticated user (if applicable) to obtain raw MongoDB server process memory contents via incorrect BSON object length. This issue does not seem to cross a security boundary under most deployments, but for some it could, like differently-privileged MongoDB users, data already deleted from the DB yet staying in process memory, or/and metadata that is not normally retrievable. References: <a href="http://seclists.org/oss-sec/2014/q1/27">http://seclists.org/oss-sec/2014/q1/27</a> <a href="http://blog.ptsecurity.com/2012/11/attacking-mongodb.html">http://blog.ptsecurity.com/2012/11/attacking-mongodb.html</a> <a href="https://github.com/cyberpunkych/attacking_mongodb">https://github.com/cyberpunkych/attacking_mongodb</a> (The files used for the attack demonstration.)
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/mongodb | <2.3.2 | 2.3.2 |
| MongoDB MongoDB | <=2.3.1 | |
| MongoDB MongoDB | =1.2.0 | |
| MongoDB MongoDB | =1.4.0 | |
| MongoDB MongoDB | =1.6.0 | |
| MongoDB MongoDB | =1.8.0 | |
| MongoDB MongoDB | =2.0.0 | |
| MongoDB MongoDB | =2.0.1 | |
| MongoDB MongoDB | =2.0.2 | |
| MongoDB MongoDB | =2.0.3 | |
| MongoDB MongoDB | =2.0.4 | |
| MongoDB MongoDB | =2.0.5 | |
| MongoDB MongoDB | =2.0.6 | |
| MongoDB MongoDB | =2.0.7 | |
| MongoDB MongoDB | =2.0.8 | |
| MongoDB MongoDB | =2.2.0 | |
| MongoDB MongoDB | =2.2.1 | |
| MongoDB MongoDB | =2.2.2 | |
| MongoDB MongoDB | =2.2.3 | |
| MongoDB MongoDB | =2.2.4 | |
| MongoDB MongoDB | =2.2.5 | |
| MongoDB MongoDB | =2.2.6 | |
| MongoDB MongoDB | =2.2.7 | |
| MongoDB MongoDB | =2.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://seclists.org/oss-sec/2014/q1/27
- http://blog.ptsecurity.com/2012/11/attacking-mongodb.html
- https://github.com/cyberpunkych/attacking_mongodb
- http://www.mongodb.org/about/alerts/#security-related
- https://jira.mongodb.org/browse/SERVER-7769
- https://github.com/mongodb/mongo/commit/6889d1658136c753998b4a408dc8d1a3ec28e3b9
- https://github.com/mongodb/mongo/commit/f9817a6cf64bdba8e1e1cef30a798110df746b58
- https://rhn.redhat.com/errata/RHSA-2014-0230.html
- https://rhn.redhat.com/errata/RHSA-2014-0440.html
- https://access.redhat.com/support/policy/updates/rhui
- https://bugzilla.redhat.com/show_bug.cgi?id=1049748
- http://rhn.redhat.com/errata/RHSA-2014-0230.html
- http://rhn.redhat.com/errata/RHSA-2014-0440.html
- http://www.openwall.com/lists/oss-security/2014/01/07/13
- http://www.openwall.com/lists/oss-security/2014/01/07/2
- http://www.openwall.com/lists/oss-security/2014/01/08/9
- agent/type
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/softwarecombine
- agent/description
- collector/mitre-cve
- source/MITRE
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2012-6619
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/tags
- agent/event
- vendor/mongodb
- canonical/mongodb mongodb
- version/mongodb mongodb/2.3.1
- version/mongodb mongodb/1.2.0
- version/mongodb mongodb/1.4.0
- version/mongodb mongodb/1.6.0
- version/mongodb mongodb/1.8.0
- version/mongodb mongodb/2.0.0
- version/mongodb mongodb/2.0.1
- version/mongodb mongodb/2.0.2
- version/mongodb mongodb/2.0.3
- version/mongodb mongodb/2.0.4
- version/mongodb mongodb/2.0.5
- version/mongodb mongodb/2.0.6
- version/mongodb mongodb/2.0.7
- version/mongodb mongodb/2.0.8
- version/mongodb mongodb/2.2.0
- version/mongodb mongodb/2.2.1
- version/mongodb mongodb/2.2.2
- version/mongodb mongodb/2.2.3
- version/mongodb mongodb/2.2.4
- version/mongodb mongodb/2.2.5
- version/mongodb mongodb/2.2.6
- version/mongodb mongodb/2.2.7
- version/mongodb mongodb/2.3.0
- package-manager/redhat