mongodb -- Attach IDs to users
Mitch Wasson of Cisco's Advanced Malware Protection Group reports:
After user deletion in MongoDB Server the improper invalidation of authorization sessions allows an authenticated user's session to persist and become conflated with new accounts, if those accounts reuse the names of deleted ones.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright