Fortinet Discovers MongoDB Remote Denial of Service Vulnerability II
Fortinet's FortiGuard Labs has discovered a remote denial of service vulnerability in MongoDB.
MongoDB is an open-source document-oriented database for multiple platforms, which provides high performance, high availability and automatic scaling. Compared with the traditional table-based relational database structure, MongoDB takes advantage of JSON-like documents with dynamic schemas, making the integration of data in certain types of applications easier and faster.
The vulnerability is caused due to incorrectly handling a specially-crafted 'createIndex' request which contains an empty name. It allows remote attackers to launch a denial of service attack.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Mar 19, 2015
Users should apply the solution provided by MongoDB.
When MongoDB runs with the authentication option '--auth', an attacker needs to be successfully authenticated into MongoDB first. Furthermore, the attacker also needs to have write permission to a database to exploit this vulnerability.
This vulnerability was discovered by Xiaopeng Zhang of Fortinet's FortiGuard Labs.