Summary
This host is running MongoDB and is prone to a denial of service vulnerability.
Impact
Successful exploitation will allow remote authenticated users to access sensitive information stored in the server process memory.
Impact Level: Application
Solution
Upgrade to MongoDB version 2.3.2 or later,
For updates refer to http://www.mongodb.org
Insight
An error exists in the application which fails to properly validate incorrect length of an BSON object.
Affected
MongoDB version prior to 2.3.2
Detection
Get the installed version of MongoDB with the help of detect NVT and check the version is vulnerable or not.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2012-6619 -
CVSS Base Score: 6.4
AV:N/AC:L/Au:N/C:P/I:N/A:P
Related Vulnerabilities
- PostgreSQL 'RESET ALL' Unauthorized Access Vulnerability
- Oracle Database Server Multiple Unspecified Vulnerabilities-02 Jan2014
- Oracle MySQL Multiple Unspecified vulnerabilities-03 Feb15 (Windows)
- IBM DB2 XSLT Library Denial of Service Vulnerability
- Oracle MySQL Multiple Unspecified vulnerabilities-04 Oct14 (Windows)