6
CVSSv2

CVE-2013-1892

Published: 01/10/2013 Updated: 01/12/2013
CVSS v2 Base Score: 6 | Impact Score: 6.4 | Exploitability Score: 6.8
VMScore: 651
Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Vulnerability Summary

MongoDB prior to 2.0.9 and 2.2.x prior to 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arbitrary code via a crafted memory address in the first argument.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

mongodb mongodb 1.2.0

mongodb mongodb 1.4.0

mongodb mongodb 1.6.0

mongodb mongodb 1.8.0

mongodb mongodb 2.0.0

mongodb mongodb 2.0.1

mongodb mongodb 2.0.2

mongodb mongodb 2.0.3

mongodb mongodb 2.0.4

mongodb mongodb 2.0.5

mongodb mongodb 2.0.6

mongodb mongodb 2.0.7

mongodb mongodb

mongodb mongodb 2.2.0

mongodb mongodb 2.2.1

mongodb mongodb 2.2.2

mongodb mongodb 2.2.3

redhat enterprise mrg 2.3

Vendor Advisories

Synopsis Important: mongodb and pymongo security and enhancement update Type/Severity Security Advisory: Important Topic Updated mongodb and pymongo packages that fix two security issues and addone enhancement are now available for Red Hat Enterprise MRG 23 for RedHat Enterprise Linux 6The Red Hat Securit ...
Debian Bug report logs - #704042 CVE-2013-1892 -- mongodb: Remote shell access via run method's use of native_helper Package: mongodb; Maintainer for mongodb is Debian MongoDB Maintainers <team+mongodb@trackerdebianorg>; Source for mongodb is src:mongodb (PTS, buildd, popcon) Reported by: Prach Pongpanich <prachpub@gmai ...

Exploits

## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # web site for more information on licensing and terms of use # metasploitcom/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit: ...
#Title: MongoDB nativeHelperapply Remote Code Execution #Author: agixid blogscrtch/2013/03/24/mongodb-0-day-ssji-to-rce/ #Software Link: fastdlmongodborg/linux/mongodb-linux-i686-223tgz #Version: 223 The following PoC exploits the "nativeHelper" feature in the spidermonkey mongodb implementation the NativeFunction "func" c ...

Metasploit Modules

MongoDB nativeHelper.apply Remote Code Execution

This module exploits the nativeHelper feature from spiderMonkey which allows remote code execution by calling it with specially crafted arguments. This module has been tested successfully on MongoDB 2.2.3 on Ubuntu 10.04 and Debian Squeeze.

msf > use exploit/linux/misc/mongod_native_helper
      msf exploit(mongod_native_helper) > show targets
            ...targets...
      msf exploit(mongod_native_helper) > set TARGET <target-id>
      msf exploit(mongod_native_helper) > show options
            ...show and set options...
      msf exploit(mongod_native_helper) > exploit

Github Repositories

mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing Installing with pip This is the recommended installation method in case you have python and pip pip install mongoaudit Alternative installer Use this if and only if python and pip are not available on your platform curl -s mongoaudit/

A powerful MongoDB auditing and pentesting tool

mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing Installing with pip This is the recommended installation method in case you have python and pip pip install mongoaudit Alternative installer Use this if and only if python and pip are not available on your platform curl -s mongoaudit/

mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing Installing with pip This is the recommended installation method in case you have python and pip pip install mongoaudit Alternative installer Use this if and only if python and pip are not available on your platform curl -s mongoaudit/