3436 matches found
MongoDB 空指针引用拒绝服务漏洞(CVE-2013-2132)
Bugtraq ID:60252 CVE ID:CVE-2013-2132 MongoDB是一个基于分布式文件存储的数据库。由C++语言编写 在解析非法DBref记录时MongoDB存在一个安全漏洞,允许远程攻击者利用漏洞触发一个空指针引用错误,可使应用程序崩溃 0 MongoDB 厂商解决方案 用户可参考如下厂商提供的安全公告获得补丁信息: https://github.com/mongodb/mongo-python-driver/commit/a060c15ef87e0f0e72974c7c0e57fe811bbd06a2...
CVE-2013-2132
bson/cbsonmodule.c in the mongo-python-driver aka. pymongo before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service NULL pointer dereference and crash via vectors related to decoding of an "invalid DBRef."...
MongoDB nativeHelper.apply Remote Code Execution (CVE-2013-1892)
A remote code execution vulnerability has been reported in MongoDB...
[Cuckoo Sandbox v0.6] Software for Automating Analysis of Suspicious Files
Cuckoo Sandbox is an Open Source software for automating analysis of suspicious files. To do so it makes use of custom components that monitor the behavior of the malicious processes while running in an isolated environment. Cuckoo generates a handful of different raw data which include: Native...
MongoDB Web Interface Detection
The remote web server is running the MongoDB Web Admin Interface. This interface lists information of interest to administrators of MongoDB, a document-oriented database system. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid65915; scriptversion"1.6";...
MongoDB Detection
A document-oriented database system is listening on the remote port. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid65914; scriptversion"1.16"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/09/24"; scriptnameenglish:"MongoDB Detection";...
MongoDB nativeHelper.apply Remote Code Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
MongoDB 2.2.3 - nativeHelper.apply Remote Code Execution
MongoDB 2.2.3 - nativeHelper.apply Remote Code Execution Title: MongoDB nativeHelper.apply Remote Code Execution Author: agixid http://blog.scrt.ch/2013/03/24/mongodb-0-day-ssji-to-rce/ Software Link: http://fastdl.mongodb.org/linux/mongodb-linux-i686-2.2.3.tgz Version: 2.2.3 The following PoC...
Fedora Update for mongodb FEDORA-2013-4531
Check for the Version of mongodb OpenVAS Vulnerability Test Fedora Update for mongodb FEDORA-2013-4531 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for mongodb FEDORA-2013-4539
Check for the Version of mongodb OpenVAS Vulnerability Test Fedora Update for mongodb FEDORA-2013-4539 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora 18 : mongodb-2.2.3-4.fc18 (2013-4539)
Fix for CVE-2013-1892 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
MongoDB - nativeHelper.apply Remote Code Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'MongoDB nativeHelper.apply Remote Cod...
MongoDB 2.2.3 - nativeHelper.apply Remote Code Execution
Title: MongoDB nativeHelper.apply Remote Code Execution Author: agixid http://blog.scrt.ch/2013/03/24/mongodb-0-day-ssji-to-rce/ Software Link: http://fastdl.mongodb.org/linux/mongodb-linux-i686-2.2.3.tgz Version: 2.2.3 The following PoC exploits the "nativeHelper" feature in the spidermonkey...
Fedora Update for mongodb FEDORA-2013-4539
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scripttagname:"affected",...
Fedora Update for mongodb FEDORA-2013-4531
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 17 : mongodb-2.2.3-4.fc17 (2013-4531)
Fix for CVE-2013-1892 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
[SECURITY] Fedora 17 Update: mongodb-2.2.3-4.fc17
Mongo from "humongous" is a high-performance, open source, schema-free document-oriented database. MongoDB is written in C++ and offers the follow ing features: Collection oriented storage: easy storage of object/JSON-style data Dynamic queries Full index support, including on inner objects and...
[SECURITY] Fedora 18 Update: mongodb-2.2.3-4.fc18
Mongo from "humongous" is a high-performance, open source, schema-free document-oriented database. MongoDB is written in C++ and offers the follow ing features: Collection oriented storage: easy storage of object/JSON-style data Dynamic queries Full index support, including on inner objects and...
MongoDB nativeHelper.apply Remote Code Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'MongoDB nativeHelper.apply Remote Cod...
MongoDB nativeHelper.apply Remote Code Execution Vulnerability
This Metasploit module exploits the nativeHelper feature from spiderMonkey which allows control over execution by calling it with specially crafted arguments. This Metasploit module has been tested successfully on MongoDB 2.2.3 on Ubuntu 10.04 and Debian Squeeze. This file is part of the Metasplo...