Download
| Alert*
oval:org.secpod.oval:def:60417
The host is installed with MongoDB 4.0 before 4.0.11, 3.6 before 3.6.14 or 3.4 before 3.4.22 and is prone to an improper input vulnerability. A flaw is present in the application which fails to handle SysV init scripts. Successful exploitation allows an attacker to insert arbitrary PIDs to be killed ... oval:org.secpod.oval:def:1902814 Incorrect scoping of kill operations in MongoDB Server"s packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV init. This issue affects: MongoDB Inc. MongoDB Server v4.0 versions prior to 4 ... oval:org.secpod.oval:def:2005279 Incorrect scoping of kill operations in MongoDB Server"s packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV init. This issue affects: MongoDB Inc. MongoDB Server v4.0 versions prior to 4 ... |