ID FEDORA:E886360D8C71 Type fedora Reporter Fedora Modified 2015-03-21T05:01:27
Description
Mongo (from "humongous") is a high-performance, open source, schema-free document-oriented database. MongoDB is written in C++ and offers the follow ing features: * Collection oriented storage: easy storage of object/JSON-style data * Dynamic queries * Full index support, including on inner objects and embedded arrays * Query profiling * Replication and fail-over support * Efficient storage of binary data including large objects (e.g. photos and videos) * Auto-sharding for cloud-level scalability (currently in early alpha) * Commercial Support Available A key goal of MongoDB is to bridge the gap between key/value stores (which are fast and highly scalable) and traditional RDBMS systems (which are deep in functionality).
{"id": "FEDORA:E886360D8C71", "type": "fedora", "bulletinFamily": "unix", "title": "[SECURITY] Fedora 22 Update: mongodb-2.6.8-1.fc22", "description": "Mongo (from \"humongous\") is a high-performance, open source, schema-free document-oriented database. MongoDB is written in C++ and offers the follow ing features: * Collection oriented storage: easy storage of object/JSON-style data * Dynamic queries * Full index support, including on inner objects and embedded arrays * Query profiling * Replication and fail-over support * Efficient storage of binary data including large objects (e.g. photos and videos) * Auto-sharding for cloud-level scalability (currently in early alpha) * Commercial Support Available A key goal of MongoDB is to bridge the gap between key/value stores (which are fast and highly scalable) and traditional RDBMS systems (which are deep in functionality). ", "published": "2015-03-21T05:01:27", "modified": "2015-03-21T05:01:27", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "", "reporter": "Fedora", "references": [], "cvelist": ["CVE-2015-1609"], "lastseen": "2020-12-21T08:17:52", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2015-1609"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310869134", "OPENVAS:1361412562310869602", "OPENVAS:1361412562310805502", "OPENVAS:1361412562310808147"]}, {"type": "kaspersky", "idList": ["KLA10516"]}, {"type": "gentoo", "idList": ["GLSA-201611-13"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14321"]}, {"type": "nessus", "idList": ["FEDORA_2015-4003.NASL", "MONGODB_2_6_8.NASL", "FEDORA_2015-4197.NASL", "GENTOO_GLSA-201611-13.NASL"]}, {"type": "fedora", "idList": ["FEDORA:0003C608790A"]}, {"type": "n0where", "idList": ["N0WHERE:159714"]}, {"type": "kitploit", "idList": ["KITPLOIT:6230906110179095668"]}], "modified": "2020-12-21T08:17:52", "rev": 2}, "score": {"value": 5.6, "vector": "NONE", "modified": "2020-12-21T08:17:52", "rev": 2}, "vulnersScore": 5.6}, "affectedPackage": [{"OS": "Fedora", "OSVersion": "22", "arch": "any", "packageName": "mongodb", "packageVersion": "2.6.8", "packageFilename": "UNKNOWN", "operator": "lt"}]}
{"cve": [{"lastseen": "2021-02-02T06:21:21", "description": "MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a BSON request.", "edition": 6, "cvss3": {}, "published": "2015-03-30T14:59:00", "title": "CVE-2015-1609", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1609"], "modified": "2017-07-01T01:29:00", "cpe": ["cpe:/a:mongodb:mongodb:2.4.12", "cpe:/a:mongodb:mongodb:2.6.5", "cpe:/a:mongodb:mongodb:2.6.7", "cpe:/a:mongodb:mongodb:2.6.6", "cpe:/o:fedoraproject:fedora:21", "cpe:/a:mongodb:mongodb:2.6.0", "cpe:/a:mongodb:mongodb:2.6.4", "cpe:/a:mongodb:mongodb:2.6.1", "cpe:/a:mongodb:mongodb:2.6.3", "cpe:/a:mongodb:mongodb:2.6.2"], "id": "CVE-2015-1609", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1609", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "cpe:2.3:a:mongodb:mongodb:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:mongodb:mongodb:2.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:mongodb:mongodb:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:mongodb:mongodb:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:mongodb:mongodb:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:mongodb:mongodb:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:mongodb:mongodb:2.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:mongodb:mongodb:2.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:mongodb:mongodb:2.6.7:*:*:*:*:*:*:*"]}], "kaspersky": [{"lastseen": "2020-09-02T11:44:57", "bulletinFamily": "info", "cvelist": ["CVE-2015-1609"], "description": "### *Detect date*:\n03/30/2015\n\n### *Severity*:\nWarning\n\n### *Description*:\nAn unspecified vulnerability was found in MongoDB. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed string in BSON request.\n\n### *Affected products*:\nMongoDB versions earlier than 2.4.13 \nMongoDB 2.6 versions earlier than 2.6.8\n\n### *Solution*:\nUpdate to the latest version \n[Get MongoDB](<https://www.mongodb.org/downloads>)\n\n### *Original advisories*:\n[MongoDB JIRA](<https://jira.mongodb.org/browse/SERVER-17264>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[MongoDB](<https://threats.kaspersky.com/en/product/MongoDB/>)\n\n### *CVE-IDS*:\n[CVE-2015-1609](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1609>)5.0Critical", "edition": 43, "modified": "2020-05-22T00:00:00", "published": "2015-03-30T00:00:00", "id": "KLA10516", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10516", "title": "\r KLA10516Denial of service vulnerability in MongoDB ", "type": "kaspersky", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2016-11-21T00:54:30", "bulletinFamily": "unix", "cvelist": ["CVE-2015-1609"], "edition": 1, "description": "### Background\n\nMongoDB (from \u201chumongous\u201d) is a scalable, high-performance, open source, schema-free, document-oriented database. \n\n### Description\n\nMongoDB\u2019s \u2018mongod\u2019 server fails to validate some cases of malformed BSON. \n\n### Impact\n\nA remote attacker could send a specially crafted BSON request possibly resulting in a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll MongoDB users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-db/mongodb-2.4.13\"", "modified": "2016-11-20T00:00:00", "published": "2016-11-20T00:00:00", "href": "https://security.gentoo.org/glsa/201611-13", "id": "GLSA-201611-13", "title": "MongoDB: Denial of Service", "type": "gentoo", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2015-1609"], "description": "Mongo (from \"humongous\") is a high-performance, open source, schema-free document-oriented database. MongoDB is written in C++ and offers the follow ing features: * Collection oriented storage: easy storage of object/JSON-style data * Dynamic queries * Full index support, including on inner objects and embedded arrays * Query profiling * Replication and fail-over support * Efficient storage of binary data including large objects (e.g. photos and videos) * Auto-sharding for cloud-level scalability (currently in early alpha) * Commercial Support Available A key goal of MongoDB is to bridge the gap between key/value stores (which are fast and highly scalable) and traditional RDBMS systems (which are deep in functionality). ", "modified": "2015-03-29T04:57:15", "published": "2015-03-29T04:57:15", "id": "FEDORA:0003C608790A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: mongodb-2.4.13-1.fc21", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2021-01-12T10:13:33", "description": "Security fix for CVE-2015-1609\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 17, "published": "2015-03-30T00:00:00", "title": "Fedora 21 : mongodb-2.4.13-1.fc21 (2015-4197)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-1609"], "modified": "2015-03-30T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mongodb", "cpe:/o:fedoraproject:fedora:21"], "id": "FEDORA_2015-4197.NASL", "href": "https://www.tenable.com/plugins/nessus/82310", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-4197.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82310);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1609\");\n script_bugtraq_id(72990);\n script_xref(name:\"FEDORA\", value:\"2015-4197\");\n\n script_name(english:\"Fedora 21 : mongodb-2.4.13-1.fc21 (2015-4197)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2015-1609\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1200446\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-March/153690.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?237c0d28\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mongodb package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mongodb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"mongodb-2.4.13-1.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mongodb\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-03-01T04:08:05", "description": "The version of the remote MongoDB server is 2.4.x prior to 2.4.13 or\n2.6.x prior to 2.6.8 or 3.0.x prior to 3.0.0-rc9. It is, therefore,\naffected by a denial of service vulnerability in mongod due to\nimproper validation of BSON messages. A remote, unauthenticated\nattacker can exploit this, via a specially crafted BSON message, to\ncause an uncaught exception, resulting in a denial of service\ncondition.", "edition": 27, "cvss3": {"score": 5.3, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "published": "2016-02-24T00:00:00", "title": "MongoDB 2.4.x < 2.4.13 / 2.6.x < 2.6.8 / 3.0.x < 3.0.0-rc9 mongod BSON DoS", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-1609"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/a:mongodb:mongodb"], "id": "MONGODB_2_6_8.NASL", "href": "https://www.tenable.com/plugins/nessus/88931", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88931);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/07/16 12:48:30\");\n\n script_cve_id(\"CVE-2015-1609\");\n script_bugtraq_id(72990);\n\n script_name(english:\"MongoDB 2.4.x < 2.4.13 / 2.6.x < 2.6.8 / 3.0.x < 3.0.0-rc9 mongod BSON DoS\");\n script_summary(english:\"Checks the version of MongoDB.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by a denial of service\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of the remote MongoDB server is 2.4.x prior to 2.4.13 or\n2.6.x prior to 2.6.8 or 3.0.x prior to 3.0.0-rc9. It is, therefore,\naffected by a denial of service vulnerability in mongod due to\nimproper validation of BSON messages. A remote, unauthenticated\nattacker can exploit this, via a specially crafted BSON message, to\ncause an uncaught exception, resulting in a denial of service\ncondition.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://jira.mongodb.org/browse/SERVER-17264\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.mongodb.com/alerts\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MongoDB version 2.4.13 / 2.6.8 / 3.0.0-rc9 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/02/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/24\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:mongodb:mongodb\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mongodb_detect.nasl\");\n script_require_keys(\"Services/mongodb\", \"Settings/ParanoidReport\");\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nappname = \"MongoDB\";\n\nport = get_service(svc:\"mongodb\", exit_on_fail:TRUE);\n\ndisp_version = get_kb_item_or_exit(\"mongodb/\" + port + \"/Version\");\ndatabases = get_kb_list('mongodb/' + port + '/Databases');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nif (disp_version == UNKNOWN_VER) audit(AUDIT_UNKNOWN_WEB_SERVER_VER, \"MongoDB\", port);\n\nversion = disp_version;\nrc = -1;\n\nif (disp_version =~ \"-rc\")\n{\n version = substr(disp_version, 0, stridx(disp_version, \"-rc\") - 1);\n rc = substr(disp_version, stridx(disp_version, \"-rc\") + 3);\n}\n\n# affected: 2.6.7 and earlier, 2.4.12 and earlier, 3.0.0-rc8 and earlier\n# fixed: 2.6.8, 2.4.13, 3.0.0-rc9\n# \"All MongoDB production releases up to 2.6.7 are affected by this issue.\"\n# so if we aren't 2.4.X or 3.0.x, we check against 2.6.8.\nfix_rc = -1;\nif (version =~ \"^2\\.4\\.\")\n{\n fix = \"2.4.13\";\n disp_fix = fix;\n}\nelse if (version =~ \"^3\\.0\\.\")\n{\n fix = \"3.0.0\";\n disp_fix = \"3.0.0-rc9\";\n fix_rc = \"9\";\n}\nelse\n{\n fix = \"2.6.8\";\n disp_fix = fix;\n}\n\nvuln = FALSE;\n\n# no rcs involved at all\n# flag when version >= fix\nif (rc == -1 && fix_rc == -1)\n if (ver_compare(ver:version, fix:fix, strict:FALSE) < 0)\n vuln = TRUE;\n\n# rc in ver, but not fix\n# flag when version > fix\nif (rc > -1 && fix_rc == -1)\n if (ver_compare(ver:version, fix:fix, strict:FALSE) <= 0)\n vuln = TRUE;\n\n# rc in fix, but not ver\n# flag when version >= fix\nif (rc == -1 && fix_rc > -1)\n if (ver_compare(ver:version, fix:fix, strict:FALSE) < 0)\n vuln = TRUE;\n\n# rc in both\n# flag when version == fix and rc >= fix_rc\nif (rc > -1 && fix_rc > -1)\n if (version == fix)\n if (ver_compare(ver:rc, fix:fix_rc) < 0 )\n vuln = TRUE;\n\nif (vuln)\n{\n report = '\\n Installed version : ' + disp_version +\n '\\n Fixed version : ' + disp_fix;\n if(databases)\n report += '\\n Databases : ';\n first = TRUE;\n foreach database (databases)\n {\n if(!first)\n report += ' ';\n report += database;\n collections = get_kb_item('mongodb/' + port + '/Collections/' + database);\n if(collections)\n report += ' - ' + collections;\n report += '\\n';\n first = FALSE;\n }\n report += '\\n';\n security_report_v4(port:port, severity:SECURITY_WARNING, extra:report);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, appname, disp_version);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T11:05:22", "description": "The remote host is affected by the vulnerability described in GLSA-201611-13\n(MongoDB: Denial of Service)\n\n MongoDB’s ‘mongod’ server fails to validate some cases of\n malformed BSON.\n \nImpact :\n\n A remote attacker could send a specially crafted BSON request possibly\n resulting in a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 23, "published": "2016-11-21T00:00:00", "title": "GLSA-201611-13 : MongoDB: Denial of Service", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-1609"], "modified": "2016-11-21T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:mongodb"], "id": "GENTOO_GLSA-201611-13.NASL", "href": "https://www.tenable.com/plugins/nessus/95020", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201611-13.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(95020);\n script_version(\"3.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1609\");\n script_xref(name:\"GLSA\", value:\"201611-13\");\n\n script_name(english:\"GLSA-201611-13 : MongoDB: Denial of Service\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201611-13\n(MongoDB: Denial of Service)\n\n MongoDB’s ‘mongod’ server fails to validate some cases of\n malformed BSON.\n \nImpact :\n\n A remote attacker could send a specially crafted BSON request possibly\n resulting in a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201611-13\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All MongoDB users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/mongodb-2.4.13'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:mongodb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-db/mongodb\", unaffected:make_list(\"ge 2.4.13\"), vulnerable:make_list(\"lt 2.4.13\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MongoDB\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:13:33", "description": "Upgrade to 2.6.8 - CVE-2015-1609 fix.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 17, "published": "2015-03-23T00:00:00", "title": "Fedora 22 : mongodb-2.6.8-1.fc22 (2015-4003)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-1609"], "modified": "2015-03-23T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mongodb", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-4003.NASL", "href": "https://www.tenable.com/plugins/nessus/81989", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-4003.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81989);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1609\");\n script_bugtraq_id(72990);\n script_xref(name:\"FEDORA\", value:\"2015-4003\");\n\n script_name(english:\"Fedora 22 : mongodb-2.6.8-1.fc22 (2015-4003)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upgrade to 2.6.8 - CVE-2015-1609 fix.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1200446\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-March/152493.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?12f18d6a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mongodb package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mongodb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"mongodb-2.6.8-1.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mongodb\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:59", "bulletinFamily": "software", "cvelist": ["CVE-2015-1609"], "description": "Crash on BSON parsing.", "edition": 1, "modified": "2015-03-16T00:00:00", "published": "2015-03-16T00:00:00", "id": "SECURITYVULNS:VULN:14321", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14321", "title": "MongoDB DoS", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2019-05-29T18:36:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-1609"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-03-30T00:00:00", "id": "OPENVAS:1361412562310869134", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869134", "type": "openvas", "title": "Fedora Update for mongodb FEDORA-2015-4197", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mongodb FEDORA-2015-4197\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869134\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-03-30 06:59:42 +0200 (Mon, 30 Mar 2015)\");\n script_cve_id(\"CVE-2015-1609\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for mongodb FEDORA-2015-4197\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mongodb'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"mongodb on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-4197\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-March/153690.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"mongodb\", rpm:\"mongodb~2.4.13~1.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-1609"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-07-07T00:00:00", "id": "OPENVAS:1361412562310869602", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869602", "type": "openvas", "title": "Fedora Update for mongodb FEDORA-2015-4003", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mongodb FEDORA-2015-4003\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869602\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-07 06:26:47 +0200 (Tue, 07 Jul 2015)\");\n script_cve_id(\"CVE-2015-1609\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for mongodb FEDORA-2015-4003\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mongodb'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"mongodb on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-4003\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-March/152493.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"mongodb\", rpm:\"mongodb~2.6.8~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-07-17T14:25:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-1609"], "description": "The host is installed with MongoDB\n and is prone to remote denial of service vulnerability.", "modified": "2019-07-05T00:00:00", "published": "2016-06-07T00:00:00", "id": "OPENVAS:1361412562310808147", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808147", "type": "openvas", "title": "MongoDB BSON Message Handling Remote Denial-of-Service Vulnerability (Linux)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# MongoDB BSON Message Handling Remote Denial-of-Service Vulnerability (Linux)\n#\n# Authors:\n# Kashinath T <tkashinath@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mongodb:mongodb\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808147\");\n script_version(\"2019-07-05T10:41:31+0000\");\n script_cve_id(\"CVE-2015-1609\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 10:41:31 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2016-06-07 10:43:02 +0530 (Tue, 07 Jun 2016)\");\n script_name(\"MongoDB BSON Message Handling Remote Denial-of-Service Vulnerability (Linux)\");\n\n script_tag(name:\"summary\", value:\"The host is installed with MongoDB\n and is prone to remote denial of service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Flaw is due to error in mongod that is\n triggered when handling a specially crafted BSON message.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to cause a denial of service (application crash).\");\n\n script_tag(name:\"affected\", value:\"MongoDB version 2.4.12 and earlier,\n 2.6.7 and earlier, and 3.0.0-rc8 on Linux\");\n\n script_tag(name:\"solution\", value:\"Upgrade to MongoDB version 2.4.13 or\n 2.6.8 or 3.0.0-rc9 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_xref(name:\"URL\", value:\"https://www.mongodb.org/about/alerts/\");\n script_xref(name:\"URL\", value:\"https://jira.mongodb.org/browse/SERVER-17264\");\n script_xref(name:\"URL\", value:\"https://fortiguard.com/zeroday/FG-VD-15-012\");\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Databases\");\n script_dependencies(\"gb_mongodb_detect.nasl\", \"os_detection.nasl\");\n script_require_ports(\"Services/mongodb\", 27017);\n script_mandatory_keys(\"mongodb/installed\", \"Host/runs_unixoide\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!mongodbPort = get_app_port(cpe:CPE)) exit(0);\n\nif(!ver = get_app_version(cpe:CPE, port:mongodbPort)) exit(0);\n\n##Replace '-' by '.' in version\nif(\"-rc\" >< ver){\n mongodbversion = ereg_replace(pattern:\"-\", replace:\".\", string:ver);\n}\n\nif(mongodbversion)\n{\n if(version_in_range(version:mongodbversion, test_version:\"2.6\", test_version2:\"2.6.7\"))\n {\n fix = \"2.6.8\";\n VULN = TRUE ;\n }\n\n else if(version_in_range(version:mongodbversion, test_version:\"2.4\", test_version2:\"2.4.12\"))\n {\n fix = \"2.4.13\";\n VULN = TRUE ;\n }\n\n else if(version_is_equal(version:mongodbversion, test_version:\"3.0.0.rc8\"))\n {\n fix = \"3.0.0.rc9\";\n VULN = TRUE ;\n }\n\n if(VULN)\n {\n report = report_fixed_ver(installed_version:mongodbversion, fixed_version:fix);\n {\n security_message(data:report, port:mongodbPort);\n exit(0);\n }\n }\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-07-17T14:27:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-1609"], "description": "The host is installed with MongoDB\n and is prone to remote denial of service vulnerability.", "modified": "2019-07-05T00:00:00", "published": "2015-03-12T00:00:00", "id": "OPENVAS:1361412562310805502", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310805502", "type": "openvas", "title": "MongoDB BSON Message Handling Remote Denial-of-Service Vulnerability", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# MongoDB BSON Message Handling Remote Denial-of-Service Vulnerability\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:mongodb:mongodb\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.805502\");\n script_version(\"2019-07-05T10:41:31+0000\");\n script_cve_id(\"CVE-2015-1609\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 10:41:31 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2015-03-12 15:36:05 +0530 (Thu, 12 Mar 2015)\");\n script_name(\"MongoDB BSON Message Handling Remote Denial-of-Service Vulnerability\");\n\n script_tag(name:\"summary\", value:\"The host is installed with MongoDB\n and is prone to remote denial of service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Flaw is due to error in mongod that is\n triggered when handling a specially crafted BSON message.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to cause a denial of service (application crash).\");\n\n script_tag(name:\"affected\", value:\"MongoDB version 2.4.12 and earlier,\n 2.6.7 and earlier, and 3.0.0-rc8 on Windows\");\n\n script_tag(name:\"solution\", value:\"Upgrade to MongoDB version 2.4.13 or\n 2.6.8 or 3.0.0-rc9 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_xref(name:\"URL\", value:\"https://www.mongodb.org/about/alerts/\");\n script_xref(name:\"URL\", value:\"https://jira.mongodb.org/browse/SERVER-17264\");\n script_xref(name:\"URL\", value:\"https://fortiguard.com/zeroday/FG-VD-15-012\");\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Databases\");\n script_dependencies(\"gb_mongodb_detect.nasl\", \"os_detection.nasl\");\n script_require_ports(\"Services/mongodb\", 27017);\n script_mandatory_keys(\"mongodb/installed\", \"Host/runs_windows\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\n\nif(!mongodbPort = get_app_port(cpe:CPE)) exit(0);\n\nif(!ver = get_app_version(cpe:CPE, port:mongodbPort)) exit(0);\n\n##Replace '-' by '.' in version\nif(\"-rc\" >< ver){\n mongodbversion = ereg_replace(pattern:\"-\", replace:\".\", string:ver);\n}\n\nif(mongodbversion)\n{\n if(version_in_range(version:mongodbversion, test_version:\"2.6\", test_version2:\"2.6.7\"))\n {\n fix = \"2.6.8\";\n VULN = TRUE ;\n }\n\n else if(version_in_range(version:mongodbversion, test_version:\"2.4\", test_version2:\"2.4.12\"))\n {\n fix = \"2.4.13\";\n VULN = TRUE ;\n }\n\n else if(version_is_equal(version:mongodbversion, test_version:\"3.0.0.rc8\"))\n {\n fix = \"3.0.0.rc9\";\n VULN = TRUE ;\n }\n\n if(VULN)\n {\n report = report_fixed_ver(installed_version:mongodbversion, fixed_version:fix);\n {\n security_message(data:report, port:mongodbPort);\n exit(0);\n }\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "n0where": [{"lastseen": "2019-08-01T11:50:07", "bulletinFamily": "tools", "cvelist": ["CVE-2015-7882", "CVE-2014-3971", "CVE-2014-2917", "CVE-2012-6619", "CVE-2015-2705", "CVE-2014-8964", "CVE-2013-4650", "CVE-2013-3969", "CVE-2015-1609", "CVE-2013-1892", "CVE-2013-2132"], "description": "## MongoDB Security Audit \n\n* * *\n\nmongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing. It is widely known that there are quite a few holes in MongoDB\u2019s default configuration settings. This fact, combined with abundant lazy system administrators and developers, has led to what the press has called the [ _ MongoDB apocalypse _ ](<http://thenextweb.com/insider/2017/01/08/mongodb-ransomware-exists-people-bad-security/>) . mongoaudit not only detects misconfigurations, known vulnerabilities and bugs but also gives you advice on how to fix them, recommends best practices and teaches you how to DevOp like a pro! \n\nAmong other tests, it checks if: \n\n * MongoDB listens on a port different to default one \n * MongoDB HTTP status interface is disabled \n * TLS/SSL encryption is enabled \n * Authentication is enabled \n * SCRAM-SHA-1 authentication method is enabled \n * Server-side Javascript is forbidden \n * Roles granted to the user only permit CRUD operations \n * The user has permissions over a single database \n * The server is vulnerable to a dozen of different known security bugs \n\n## Installing with pip \n\nThis is the recommended installation method in case you have ` python ` and ` pip ` . \n \n \n pip install mongoaudit\n\n## Alternative installer \n\nUse this if and only if ` python ` and ` pip ` are not available on your platform. \n \n \n curl -s https://mongoaud.it/install | bash\n\n_ works on Mac OS X, GNU/Linux and Bash for Windows 10 _\n\n_ If you are serious about security you should always use the PIP installer or, better yet, follow best security practices: clone this repository, check the source code and only then run it with ` python mongoaudit ` . _\n\n\n\n## Supported tests \n\n * MongoDB listens on a port different to default one \n * Server only accepts connections from whitelisted hosts / networks \n * MongoDB HTTP status interface is not accessible on port 28017 \n * MongoDB is not exposing its version number \n * MongoDB version is newer than 2.4 \n * TLS/SSL encryption is enabled \n * Authentication is enabled \n * SCRAM-SHA-1 authentication method is enabled \n * Server-side Javascript is forbidden \n * Roles granted to the user only permit CRUD operations * \n * The user has permissions over a single database * \n * Security bug [ CVE-2015-7882 ](<https://jira.mongodb.org/browse/SERVER-20691>)\n * Security bug [ CVE-2015-2705 ](<https://jira.mongodb.org/browse/SERVER-17521>)\n * Security bug [ CVE-2014-8964 ](<https://jira.mongodb.org/browse/SERVER-17252>)\n * Security bug [ CVE-2015-1609 ](<https://jira.mongodb.org/browse/SERVER-17264>)\n * Security bug [ CVE-2014-3971 ](<https://jira.mongodb.org/browse/SERVER-13753>)\n * Security bug [ CVE-2014-2917 ](<https://jira.mongodb.org/browse/SERVER-13644>)\n * Security bug [ CVE-2013-4650 ](<https://jira.mongodb.org/browse/SERVER-9983>)\n * Security bug [ CVE-2013-3969 ](<https://jira.mongodb.org/browse/SERVER-9878>)\n * Security bug [ CVE-2012-6619 ](<https://www.cvedetails.com/cve/CVE-2012-6619/>)\n * Security bug [ CVE-2013-1892 ](<https://www.cvedetails.com/cve/CVE-2013-1892/>)\n * Security bug [ CVE-2013-2132 ](<https://www.cvedetails.com/cve/CVE-2013-2132/>)\n\n_ Tests marked with an asterisk ( ` * ` ) require valid authentication credentials. _\n\n[  ](<https://github.com/stampery/mongoaudit>)\n", "edition": 4, "modified": "2017-02-16T06:05:56", "published": "2017-02-16T06:05:56", "id": "N0WHERE:159714", "href": "https://n0where.net/mongodb-security-audit-mongoaudit", "title": "MongoDB Security Audit: mongoaudit", "type": "n0where", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "kitploit": [{"lastseen": "2020-12-09T09:23:38", "bulletinFamily": "tools", "cvelist": ["CVE-2015-7882", "CVE-2014-3971", "CVE-2014-2917", "CVE-2012-6619", "CVE-2015-2705", "CVE-2014-8964", "CVE-2013-4650", "CVE-2013-3969", "CVE-2015-1609", "CVE-2013-1892", "CVE-2013-2132"], "description": "[  ](<https://1.bp.blogspot.com/-BAEI4GFqIKM/WKfjgc6Bl2I/AAAAAAAAHTo/mBrqMLZhEq8Tq20yITBuzDYdp_bKqEfLQCLcB/s1600/mongoaudit-header.png>)\n\n \n\n\n** mongoaudit ** is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing. \n\n\n## Installing with pip \n\nThis is the recommended installation method in case you have ` python ` and ` pip ` . \n\n \n \n pip install mongoaudit\n\n## Alternative installer \n\nUse this if and only if ` python ` and ` pip ` are not available on your platform. \n\n \n \n curl -s https://mongoaud.it/install | bash\n\n_ works on Mac OS X, GNU/Linux and Bash for Windows 10 _ \n_ If you are serious about security you should always use the PIP installer or, better yet, follow best security practices: clone this repository, check the source code and only then run it with ` python mongoaudit ` . _ \n\n\n## Introduction \n\nIt is widely known that there are quite a few holes in MongoDB's default configuration settings. This fact, combined with abundant lazy system administrators and developers, has led to what the press has called the [ _ MongoDB apocalypse _ ](<http://thenextweb.com/insider/2017/01/08/mongodb-ransomware-exists-people-bad-security/>) . \n** mongoaudit ** not only detects misconfigurations, known vulnerabilities and bugs but also gives you advice on how to fix them, recommends best practices and teaches you how to DevOp like a pro! \nThis is how the actual app looks like: \n \n\n\n[  ](<https://1.bp.blogspot.com/-HozOuiEPJP0/WKfjmC_4-5I/AAAAAAAAHTs/9wdfuwReOUkB--UN0hJJf5Iwl9vgp3xygCLcB/s1600/mongoaudit.png>)\n\n \n_ Yep, that's material design on a console line interface. (Powered by [ urwid ](<https://github.com/urwid/urwid>) ) _\n\n## Supported tests \n\n * MongoDB listens on a port different to default one \n * Server only accepts connections from whitelisted hosts / networks \n * MongoDB HTTP status interface is not accessible on port 28017 \n * MongoDB is not exposing its version number \n * MongoDB version is newer than 2.4 \n * TLS/SSL encryption is enabled \n * Authentication is enabled \n * SCRAM-SHA-1 authentication method is enabled \n * Server-side Javascript is forbidden \n * Roles granted to the user only permit CRUD operations * \n * The user has permissions over a single database * \n * Security bug [ CVE-2015-7882 ](<https://jira.mongodb.org/browse/SERVER-20691>)\n * Security bug [ CVE-2015-2705 ](<https://jira.mongodb.org/browse/SERVER-17521>)\n * Security bug [ CVE-2014-8964 ](<https://jira.mongodb.org/browse/SERVER-17252>)\n * Security bug [ CVE-2015-1609 ](<https://jira.mongodb.org/browse/SERVER-17264>)\n * Security bug [ CVE-2014-3971 ](<https://jira.mongodb.org/browse/SERVER-13753>)\n * Security bug [ CVE-2014-2917 ](<https://jira.mongodb.org/browse/SERVER-13644>)\n * Security bug [ CVE-2013-4650 ](<https://jira.mongodb.org/browse/SERVER-9983>)\n * Security bug [ CVE-2013-3969 ](<https://jira.mongodb.org/browse/SERVER-9878>)\n * Security bug [ CVE-2012-6619 ](<https://www.cvedetails.com/cve/CVE-2012-6619/>)\n * Security bug [ CVE-2013-1892 ](<https://www.cvedetails.com/cve/CVE-2013-1892/>)\n * Security bug [ CVE-2013-2132 ](<https://www.cvedetails.com/cve/CVE-2013-2132/>)\n_ Tests marked with an asterisk ( ` * ` ) require valid authentication credentials. _ \n\n\n## How can I best secure my MongoDB? \n\nOnce you run any of the test suites provided by ** mongoaudit ** , it will offer you to receive a fully detailed report via email. This personalized report links to a series of useful guides on how to fix every specific issue and how to harden your MongoDB deployments. \nFor your convenience, we have also published the ** mongoaudit ** guides in our [ Medium publication ](<https://medium.com/mongoaudit>) . \n \n** Disclaimer ** \n\n \n \n \"With great power comes great responsibility\"\n\n * Never use this tool on servers you don't own. Unauthorized access to strangers' computer systems is a crime in many countries. \n * Please use this tool is at your own risk. We will accept no liability for any loss or damage which you may incur no matter how caused. \n * Don't be evil! \n\n \n\n\n** [ Download mongoaudit ](<https://github.com/stampery/mongoaudit>) **\n", "edition": 29, "modified": "2017-02-22T14:04:10", "published": "2017-02-22T14:04:10", "id": "KITPLOIT:6230906110179095668", "href": "http://www.kitploit.com/2017/02/mongoaudit-powerful-mongodb-auditing.html", "title": "mongoaudit - A Powerful MongoDB Auditing and Pentesting Tool", "type": "kitploit", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}
