Bug 985499 (CVE-2013-3969) - CVE-2013-3969 MongoDB: remote code execution via javascript
Summary: CVE-2013-3969 MongoDB: remote code execution via javascript
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2013-3969
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 988670 988674
Blocks: 985508
Reported: 2013-07-17 15:47 UTC by Vincent Danen
Modified: 2019-09-29 13:06 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-05-03 05:47:29 UTC
Embargoed:



Description Vincent Danen 2013-07-17 15:47:16 UTC
Similar to CVE-2013-1892, it was reported [1] that MongoDB suffers from remote code execution. This flaw requires read-write access to the MongoDB database to execute arbitrary code; however, it looks as though read-only access could be used to cause the database to crash.

It is unknown whether this flaw was introduced in 2.2.3 with the change to using the V8 JavaScript engine, or if it also affects earlier versions.


[1] http://blog.scrt.ch/2013/06/04/mongodb-rce-by-databasespraying/

Comment 1 Vincent Danen 2013-07-17 15:54:15 UTC
CVE request is here:

http://openwall.com/lists/oss-security/2013/07/17/2

At least 2.2.3 through to and including 2.4.4 are vulnerable. Upstream has indicated that they are currently working on a fix.

Comment 2 Jan Lieskovsky 2013-07-18 13:42:40 UTC
The CVE identifier of CVE-2013-4142 has been assigned to this issue:
  http://www.openwall.com/lists/oss-security/2013/07/18/2

Comment 5 Vincent Danen 2013-08-02 17:23:29 UTC
This was improperly assigned CVE-2013-4142; it should be CVE-2013-3969 instead, as per http://www.openwall.com/lists/oss-security/2013/07/30/10
