Joined: 12 May 2004
|Posted: Sun Nov 20, 2016 11:26 pm Post subject: [ GLSA 201611-13 ] MongoDB
|Gentoo Linux Security Advisory
Title: MongoDB: Denial of Service (GLSA 201611-13)
Date: November 20, 2016
A vulnerability in MongoDB can lead to a Denial of Service
MongoDB (from “humongous”) is a scalable, high-performance, open
source, schema-free, document-oriented database.
Vulnerable: < 2.4.13
Unaffected: >= 2.4.13
Architectures: All supported architectures
MongoDB’s ‘mongod’ server fails to validate some cases of
A remote attacker could send a specially crafted BSON request possibly
resulting in a Denial of Service condition.
There is no known workaround at this time.
All MongoDB users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/mongodb-2.4.13"