Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 25 Mar 2013 14:12:08 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Marcus Meissner <meissner@...e.de>, security@...en.com
Subject: Re: CVE Request: Mongo DB

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/25/2013 09:58 AM, Marcus Meissner wrote:
> Hi,
> 
> I do not think this has a CVE yet ...
> 
> http://blog.scrt.ch/2013/03/24/mongodb-0-day-ssji-to-rce/
> describes a MongoDB remote exploit.
> 
> Ciao, Marcus

Looks that way. Please use CVE-2013-1892 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRUK+YAAoJEBYNRVNeJnmTTO4QAKzd0LGLn1z0wlwXWlAVwUgH
W2cDUigt5KWIbuy/W9uUSnaQsZWD70rKytt37pOKXWhsqNlrKZOlbDdxlIMgSGXC
0c6gFUsHP59h5HO2LnbwelF4Ze5T01LLIYbe+DSTLG+KePpF6HCcD07c8aXljiRe
iOqGWm8aUg5fm+CXZ5ay47CWa1UouR5t5C4XQmb/f/rip49RTAFx5SJ3/z4GHo12
Svn5WyabpIyqTBg+Ny2cVhjs4vO90n1NM1lVMzsq85GRtRz5snBwE6kW+MHc5YVE
kryxFzZSWzsCb3NyzWsnIi2zJvKFp/Ckjn9f/EL9tuVJo7DsbJVF7xTQtIIk4Ukn
XYPAv/GwtYOp/v7WIWQnx/OLzIhoZHNs5P9IH68AA3DH8hJrTr6jmgB04S0WsUvc
Cp88MnWce3qfVfEo6slVA9xYsfD6oKAuda4+kV/THf6E5kshwB8ZHtRjofWq0gNR
cae9/+7O+7CUINzro33zkwzfhGiRcgZtO1kn0p6muPf4M2Rbk1iy5YgJlJhIrYT8
8B6clqGnScB+QJ3Fol+qj8zaHmNKtVj+WwtaUR0UCX0EynDj2DfgGO1TSBq+lK4A
s6hiPB/4pOmDEeYTa8PAmTNpENV3s8rZ/NFZLIZROlfEBh9rnFEJDKwhExnmBKYr
jKwHWVldvVIIiVcTjavp
=W54H
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ