5
CVSSv2

CVE-2015-1609

Published: 30/03/2015 Updated: 01/07/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 446
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

MongoDB prior to 2.4.13 and 2.6.x prior to 2.6.8 allows remote malicious users to cause a denial of service via a crafted UTF-8 string in a BSON request.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

fedoraproject fedora 21

mongodb mongodb

mongodb mongodb 2.6.0

mongodb mongodb 2.6.1

mongodb mongodb 2.6.2

mongodb mongodb 2.6.3

mongodb mongodb 2.6.4

mongodb mongodb 2.6.5

mongodb mongodb 2.6.6

mongodb mongodb 2.6.7

Vendor Advisories

Debian Bug report logs - #780129 mongodb: CVE-2015-1609: BSON Handling Remote Denial of Service Package: mongodb; Maintainer for mongodb is Debian MongoDB Maintainers <team+mongodb@trackerdebianorg>; Source for mongodb is src:mongodb (PTS, buildd, popcon) Reported by: Henri Salo <henri@nervfi> Date: Mon, 9 Mar 20 ...
Table of Contents• Description • Affected Products and Components • Mitigation and Upgrades • Denial of Service in KV Store (SPL-106324) • Vulnerability Descriptions and Ratings • Denial of Service in KV Store (SPL-106324) Description Splunk Enterprise 627 addresses one vulnerability Denial of Service in KV Store (SPL-106324) ...

Github Repositories

mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing Installing with pip This is the recommended installation method in case you have python and pip pip install mongoaudit Alternative installer Use this if and only if python and pip are not available on your platform curl -s mongoaudit/

A powerful MongoDB auditing and pentesting tool

mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing Installing with pip This is the recommended installation method in case you have python and pip pip install mongoaudit Alternative installer Use this if and only if python and pip are not available on your platform curl -s mongoaudit/

mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing Installing with pip This is the recommended installation method in case you have python and pip pip install mongoaudit Alternative installer Use this if and only if python and pip are not available on your platform curl -s mongoaudit/