| Name | TEMP-0833087-C5410D |
| Description | bruteforcable challenge responses in unprotected logfile |
| Source | Automatically generated temporary name. Not for external reference. |
| Debian Bugs | 833087 |
Vulnerable and fixed packages
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|
| mongodb (PTS) | jessie | 1:2.4.10-5+deb8u1 | fixed |
| stretch (security), stretch (lts), stretch | 1:3.2.11-2+deb9u2 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|
| mongodb | source | wheezy | 1:2.0.6-1.1+deb7u1 | | | |
| mongodb | source | jessie | 1:2.4.10-5+deb8u1 | | | |
| mongodb | source | (unstable) | 1:2.6.12-1 | | | 833087 |
Notes
Fixed in experimental 1:2.6.11-1, first version in unstable 1:2.6.12-1
https://jira.mongodb.org/browse/SERVER-9476
Fixed by: https://github.com/mongodb/mongo/commit/f85ceb17b37210eef71e8113162c41368bfd5c12