CVE-2013-1892

MongoDB < 2.0.8 - Improper Input Validation

Title source: rule

Description

MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arbitrary code via a crafted memory address in the first argument.

Exploits (3)

exploitdb WORKING POC VERIFIED
by agix · text · remote · linux
https://www.exploit-db.com/exploits/24947
exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · linux
https://www.exploit-db.com/exploits/24935
metasploit WORKING POC NORMAL
by agix · ruby · poc · linux
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/misc/mongod_native_helper.rb

Scores

EPSS 0.5353
EPSS Percentile 98.0%

Details

CWE
CWE-20
Status published
Products (18)
mongodb/mongodb 1.2.0
mongodb/mongodb 1.4.0
mongodb/mongodb 1.6.0
mongodb/mongodb 1.8.0
mongodb/mongodb 2.0.0
mongodb/mongodb 2.0.1
mongodb/mongodb 2.0.2
mongodb/mongodb 2.0.3
mongodb/mongodb 2.0.4
mongodb/mongodb 2.0.5
... and 8 more
Published Oct 01, 2013
Tracked Since Feb 18, 2026