CVE-2016-3104

2017-04-14T00:00:00
ID UB:CVE-2016-3104
Type ubuntucve
Reporter ubuntu.com
Modified 2017-04-14T00:00:00

Description

mongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow remote attackers to cause a denial of service (memory consumption and process termination) by leveraging in-memory database representation when authenticating against a non-existent database.

Notes

Author| Note
---|---
ratliff | The mongodb advisory recommend upgrading to latest 2.6. No 2.4 patch