Candidate: CVE-2013-4650
PublicDate: 2013-07-04 14:33:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4650
 https://jira.mongodb.org/browse/SERVER-9983
 http://www.mongodb.org/about/alerts/
Description:
 MongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote
 authenticated users to obtain internal system privileges by leveraging a
 username of __system in an arbitrary database.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_mongodb:
upstream_mongodb: released (2.4.5)
lucid_mongodb: ignored (reached end-of-life)
precise_mongodb: ignored (reached end-of-life)
precise/esm_mongodb: DNE (precise was needed)
quantal_mongodb: ignored (reached end-of-life)
raring_mongodb: ignored (reached end-of-life)
saucy_mongodb: not-affected (1:2.4.6-0ubuntu5)
trusty_mongodb: not-affected (1:2.4.9-1ubuntu2)
trusty/esm_mongodb: not-affected (1:2.4.9-1ubuntu2)
utopic_mongodb: not-affected (1:2.4.9-1ubuntu2)
vivid_mongodb: not-affected (1:2.4.9-1ubuntu2)
vivid/stable-phone-overlay_mongodb: DNE
vivid/ubuntu-core_mongodb: DNE
wily_mongodb: not-affected (1:2.4.9-1ubuntu2)
xenial_mongodb: not-affected (1:2.4.9-1ubuntu2)
yakkety_mongodb: not-affected (1:2.4.9-1ubuntu2)
zesty_mongodb: not-affected (1:2.4.9-1ubuntu2)
devel_mongodb: not-affected (1:2.4.9-1ubuntu2)