oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request: Mongo DB

From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 25 Mar 2013 14:12:08 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/25/2013 09:58 AM, Marcus Meissner wrote:

Hi,

I do not think this has a CVE yet ...

http://blog.scrt.ch/2013/03/24/mongodb-0-day-ssji-to-rce/
describes a MongoDB remote exploit.

Ciao, Marcus


Looks that way. Please use CVE-2013-1892 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRUK+YAAoJEBYNRVNeJnmTTO4QAKzd0LGLn1z0wlwXWlAVwUgH
W2cDUigt5KWIbuy/W9uUSnaQsZWD70rKytt37pOKXWhsqNlrKZOlbDdxlIMgSGXC
0c6gFUsHP59h5HO2LnbwelF4Ze5T01LLIYbe+DSTLG+KePpF6HCcD07c8aXljiRe
iOqGWm8aUg5fm+CXZ5ay47CWa1UouR5t5C4XQmb/f/rip49RTAFx5SJ3/z4GHo12
Svn5WyabpIyqTBg+Ny2cVhjs4vO90n1NM1lVMzsq85GRtRz5snBwE6kW+MHc5YVE
kryxFzZSWzsCb3NyzWsnIi2zJvKFp/Ckjn9f/EL9tuVJo7DsbJVF7xTQtIIk4Ukn
XYPAv/GwtYOp/v7WIWQnx/OLzIhoZHNs5P9IH68AA3DH8hJrTr6jmgB04S0WsUvc
Cp88MnWce3qfVfEo6slVA9xYsfD6oKAuda4+kV/THf6E5kshwB8ZHtRjofWq0gNR
cae9/+7O+7CUINzro33zkwzfhGiRcgZtO1kn0p6muPf4M2Rbk1iy5YgJlJhIrYT8
8B6clqGnScB+QJ3Fol+qj8zaHmNKtVj+WwtaUR0UCX0EynDj2DfgGO1TSBq+lK4A
s6hiPB/4pOmDEeYTa8PAmTNpENV3s8rZ/NFZLIZROlfEBh9rnFEJDKwhExnmBKYr
jKwHWVldvVIIiVcTjavp
=W54H
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: