CVE-2013-2132

Related Files

Red Hat Security Advisory 2013-1170-01

Posted Aug 21, 2013

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1170-01 - MongoDB is a NoSQL database. PyMongo provides tools for working with MongoDB. A flaw was found in the run() function implementation in MongoDB. A database user permitted to send database queries to a MongoDB server could use this flaw to crash the server or, possibly, execute arbitrary code with the privileges of the mongodb user. A NULL pointer dereference flaw was found in PyMongo. An invalid DBRef record received from a MongoDB server could cause an application using PyMongo to crash.

tags | advisory, arbitrary

systems | linux, redhat

advisories | CVE-2013-1892, CVE-2013-2132

SHA-256 | 774c26c772c453155510a81f629828067abba89f9124529d494aa46bbc077c37

Download | Favorite | View

Ubuntu Security Notice USN-1897-1

Posted Jul 3, 2013

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1897-1 - Jibbers McGee discovered that PyMongo incorrectly handled certain invalid DBRefs. An attacker could use this issue to cause PyMongo to crash, resulting in a denial of service.

tags | advisory, denial of service

systems | linux, ubuntu

advisories | CVE-2013-2132

SHA-256 | f7df6691afceec93e40d2b7c17cfe08566dab81217a8c75bf19fb9bb583a07c3

Download | Favorite | View

Debian Security Advisory 2705-1

Posted Jun 11, 2013

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2705-1 - Jibbers McGee discovered that pymongo, a high-performance schema-free document-oriented data store, is prone to a denial-of-service vulnerability. An attacker can remotely trigger a NULL pointer dereference causing MongoDB to crash.

tags | advisory

systems | linux, debian

advisories | CVE-2013-2132

SHA-256 | 00e591336cf07a8f2e95ed9d81b0a164f3bc60d5f23716f45e7d6918a56e3e28

Download | Favorite | View