oss-sec mailing list archives
Re: MongoDB memory over-read via incorrect BSON object length (was: [HITB-Announce] HITB Magazine Issue 10 Out Now)
From: Solar Designer <solar () openwall com>
Date: Wed, 8 Jan 2014 03:58:18 +0400
On Tue, Jan 07, 2014 at 05:15:11PM -0500, cve-assign () mitre org wrote:
There is a memory over-read bug that can be used by an authenticated user (if applicable) to obtain raw MongoDB server process memory contents via incorrect BSON object length. I guess that under most deployments this does not cross a security boundary, but for some it could (differently-privileged MongoDB users, data already deleted from the DB yet staying in process memory, or/and metadata that is not normally retrievable).Use CVE-2012-6619.
Thanks! To make sure MongoDB developers are aware of this, I am CC'ing this reply to security () mongodb com as specified here: http://docs.mongodb.org/manual/tutorial/create-a-vulnerability-report/ Past MongoDB security issues are listed here: http://www.mongodb.org/about/alerts/#security-related and they don't appear to include this "new" issue yet. I've just added these two links to: http://oss-security.openwall.org/wiki/software#mongodb MongoDB - here's some more context regarding the specific vulnerability (now known as CVE-2012-6619, as per the assignment above): http://www.openwall.com/lists/oss-security/2014/01/07/2 Alexander
Current thread:
- [HITB-Announce] HITB Magazine Issue 10 Out Now Hafez Kamal (Jan 06)
- MongoDB memory over-read via incorrect BSON object length (was: [HITB-Announce] HITB Magazine Issue 10 Out Now) Solar Designer (Jan 06)
- Re: MongoDB memory over-read via incorrect BSON object length (was: [HITB-Announce] HITB Magazine Issue 10 Out Now) cve-assign (Jan 07)
- Re: MongoDB memory over-read via incorrect BSON object length (was: [HITB-Announce] HITB Magazine Issue 10 Out Now) Solar Designer (Jan 07)
- Re: MongoDB memory over-read via incorrect BSON object length (was: [HITB-Announce] HITB Magazine Issue 10 Out Now) Chris Sandulow (Jan 08)
- Re: MongoDB memory over-read via incorrect BSON object length (was: [HITB-Announce] HITB Magazine Issue 10 Out Now) cve-assign (Jan 07)
- MongoDB memory over-read via incorrect BSON object length (was: [HITB-Announce] HITB Magazine Issue 10 Out Now) Solar Designer (Jan 06)