CVE-2017-14227
https://notcve.org/view.php?id=CVE-2017-14227
In MongoDB libbson 1.7.0, the bson_iter_codewscope function in bson-iter.c miscalculates a bson_utf8_validate length argument, which allows remote attackers to cause a denial of service (heap-based buffer over-read in the bson_utf8_validate function in bson-utf8.c), as demonstrated by bson-to-json.c. En MongoDB libbson 1.7.0, la función bson_iter_codewscope en bson-iter.c no calcula correctamente un argumento de longitud bson_utf8_validate, lo que permite que atacantes remotos provoquen una denegación de servicio (sobrelectura de búfer basada en montículos en la función bson_utf8_validate en bson-utf8.c), tal y como demuestra bson-to-json.c. • http://www.securityfocus.com/bid/100825 https://bugzilla.redhat.com/show_bug.cgi?id=1489355 https://bugzilla.redhat.com/show_bug.cgi?id=1489356 https://bugzilla.redhat.com/show_bug.cgi?id=1489362 • CWE-125: Out-of-bounds Read •
CVE-2016-3104
https://notcve.org/view.php?id=CVE-2016-3104
mongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow remote attackers to cause a denial of service (memory consumption and process termination) by leveraging in-memory database representation when authenticating against a non-existent database. Mongod en MongoDB 2.6, cuando se utilizan usuarios de estilo 2.4 y 2.4 permiten a los atacantes remotos provocar una denegación de servicio (consumo de memoria y terminación del proceso) aprovechando la representación de la base de datos en memoria al autenticarse en una base de datos inexistente. • http://www.securityfocus.com/bid/94929 https://bugzilla.redhat.com/show_bug.cgi?id=1324496 https://jira.mongodb.org/browse/SERVER-24378 • CWE-400: Uncontrolled Resource Consumption •
CVE-2016-6494
https://notcve.org/view.php?id=CVE-2016-6494
The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files. El cliente en MongoDB utiliza permisos accesibles a todos en archivos históricos .dbshell, lo que podría permitir a usuarios locales obtener información sensible leyendo estos archivos. • http://www.openwall.com/lists/oss-security/2016/07/29/4 http://www.openwall.com/lists/oss-security/2016/07/29/8 http://www.securityfocus.com/bid/92204 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832908 https://bugzilla.redhat.com/show_bug.cgi?id=1362553 https://github.com/mongodb/mongo/commit/035cf2afc04988b22cb67f4ebfd77e9b344cb6e0 https://jira.mongodb.org/browse/SERVER-25335 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MCE2ZLFBNOK3TTWS • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-1609
https://notcve.org/view.php?id=CVE-2015-1609
MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a BSON request. MongoDB anterior a 2.4.13 y 2.6.x anterior a 2.6.8 permite a atacantes remotos causar una denegación de servicio a través de una cadena UTF-8 manipulada en una solicitud BSON. • http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152493.html http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153690.html http://www.securitytracker.com/id/1034466 http://www.splunk.com/view/SP-CAAAPC3 https://jira.mongodb.org/browse/SERVER-17264 https://security.gentoo.org/glsa/201611-13 • CWE-20: Improper Input Validation •
CVE-2012-6619 – mongodb: memory over-read via incorrect BSON object length
https://notcve.org/view.php?id=CVE-2012-6619
The default configuration for MongoDB before 2.3.2 does not validate objects, which allows remote authenticated users to cause a denial of service (crash) or read system memory via a crafted BSON object in the column name in an insert command, which triggers a buffer over-read. La configuración por defecto para MongoDB anterior a 2.3.2 no valida objetos, lo que permite a usuarios remotos autenticados causar una denegación de servicio (caída) o leer la memoria del sistema a través de un objeto BSON manipulado en el nombre de columna en un comando "insert", lo que provoca una sobrelectura de buffer. • http://blog.ptsecurity.com/2012/11/attacking-mongodb.html http://rhn.redhat.com/errata/RHSA-2014-0230.html http://rhn.redhat.com/errata/RHSA-2014-0440.html http://www.openwall.com/lists/oss-security/2014/01/07/13 http://www.openwall.com/lists/oss-security/2014/01/07/2 http://www.openwall.com/lists/oss-security/2014/01/08/9 https://bugzilla.redhat.com/show_bug.cgi?id=1049748 https://jira.mongodb.org/browse/SERVER-7769 https://access.redhat.com/security/ • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •