MongoBleed explained simply | MongoDB exploit

⁨72⁩ ⁨likes⁩

Submitted ⁨⁨2⁩ ⁨days⁩ ago⁩ by ⁨qaz@lemmy.world⁩ to ⁨technology@lemmy.world⁩

https://bigdata.2minutestreaming.com/p/mongobleed-explained-simply

cross-posted from: lemmy.world/post/40839222

Simple example

Comments

Sort:hotnew top

rothaine@lemmy.zip ⁨8⁩ ⁨hours⁩ ago
TLDR use calloc instead of malloc

source
bryndos@fedia.io ⁨2⁩ ⁨days⁩ ago
if /dev/null is fast and web-scale, i will use it!

source
- qaz@lemmy.world ⁨1⁩ ⁨day⁩ ago
  You start it and it scales right up
  
  source
ranzispa@mander.xyz ⁨1⁩ ⁨day⁩ ago
Hey Mongo, store this stuff; trust me it’s 1 MB. In case it turns out it is not, just give me 1 MB worth of your data.

Thank you very much.

source
- Bakkoda@lemmy.world ⁨1⁩ ⁨day⁩ ago
  MongoDB: I’m gonna need all your memory.
  
  source
bigkahuna1986@lemmy.ml ⁨2⁩ ⁨days⁩ ago
I want to thank this guy for dropping this in Christmas.

Luckily my mongo ports are hidden from the Internet, as everyone else’s should be, so it will survive until Monday when I can upgrade.

source
- adespoton@lemmy.ca ⁨2⁩ ⁨days⁩ ago
  
  It is fixed as of writing, but some EOL versions (3.6, 4.0, 4.2) will not get it.
  
  You probably are already up to date.
  
  I know my MongoDB updated around the 17th.
  
  source
clot27@lemmy.zip ⁨21⁩ ⁨hours⁩ ago
Oh shit

source