Lucene search
PRIOn knowledge basePRION:CVE-2016-6494HistoryOct 03, 2016 - 6:59 p.m.
Information disclosure
2016-10-0318:59:00
PRIOn knowledge base
www.prio-n.com
1
The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files.
References
www.openwall.com/lists/oss-security/2016/07/29/4
www.openwall.com/lists/oss-security/2016/07/29/8
www.securityfocus.com/bid/92204
bugs.debian.org/cgi-bin/bugreport.cgi?bug=832908
bugzilla.redhat.com/show_bug.cgi?id=1362553
github.com/mongodb/mongo/commit/035cf2afc04988b22cb67f4ebfd77e9b344cb6e0
jira.mongodb.org/browse/SERVER-25335
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5MCE2ZLFBNOK3TTWSTXZJQGZVP4EEJDL/
Related
openvas
openvas
Fedora Update for mongodb FEDORA-2016-89060100d7
2016-11-14 00:00:00
MongoDB Client 'dbshell' Information Disclosure Vulnerability (SERVER-25335) - Linux
2016-10-13 00:00:00
Fedora Update for mongodb FEDORA-2016-4cedbd4308
2016-11-14 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: mongodb-3.2.8-2.fc25
2016-09-27 00:55:10
[SECURITY] Fedora 24 Update: mongodb-3.2.8-2.fc24
2016-10-06 22:23:27
[SECURITY] Fedora 23 Update: mongodb-3.0.12-2.fc23
2016-10-03 20:22:28
redhatcve
redhatcve
CVE-2016-6494
2020-02-18 20:00:59
ibm
ibm
osv
osv
mongodb - security update
2016-08-08 00:00:00
mongodb - regression update
2016-08-08 00:00:00
nessus
nessus
Debian DLA-588-2 : mongodb security update
2016-08-09 00:00:00
Fedora 23 : mongodb (2016-4cedbd4308)
2016-10-06 00:00:00
Fedora 25 : mongodb (2016-9a8e2bbc04)
2016-11-15 00:00:00
cve
cve
CVE-2016-6494
2016-10-03 18:59:10
debian
debian
[SECURITY] [DLA 588-2] mongodb security update
2016-08-09 20:18:14
[SECURITY] [DLA 588-1] mongodb security update
2016-08-08 09:52:03
debiancve
debiancve
CVE-2016-6494
2016-10-03 18:59:00
nvd
nvd
CVE-2016-6494
2016-10-03 18:59:10
ubuntucve
ubuntucve
CVE-2016-6494
2016-10-03 00:00:00
cvelist
cvelist
CVE-2016-6494
2016-10-03 18:00:00