Summary
Directory traversal vulnerability in MochiWeb/CouchDB resulting in information disclosure.
Impact
A remote attacker could retrieve in binary form any CouchDB database, including the _users or _replication databases, or any other file that the user account used to run CouchDB might have read access to on the local filesystem.
Solution
Upgrade to version 1.0.4, 1.1.2, 1.2.1 or later.
Insight
On Windows systems, a directory traversal vulnerability in the partition2 function in mochiweb_util.erl in MochiWeb before 2.4.0, as used in Apache CouchDB, allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) sequence in the default URI.
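The defect class described above is a path check that only recognises the forward slash as a segment separator, so a ".." segment written with backslashes is never seen as a traversal. The following is an added illustration written for this page, not MochiWeb's or CouchDB's code: a weak check of that shape next to a hardened one that percent-decodes the request path and treats both separators alike before looking for ".." segments. The sample request paths are constructed for the example.

```python
import posixpath
from urllib.parse import unquote

# Constructed sample request paths (not taken from the advisory). The last two
# use the "..\" form the advisory describes, once percent-encoded and once raw.
SAMPLE_PATHS = [
    "/_utils/index.html",
    "/_utils/../_config",
    "/_utils/..%5C..%5Clocal.ini",
    "/_utils/..\\..\\local.ini",
]


def naive_has_traversal(path: str) -> bool:
    """Illustrative weak check: only '/' is a separator, so a '..' that is
    followed by a backslash is glued to the next name and never rejected."""
    return ".." in unquote(path).split("/")


def hardened_has_traversal(path: str) -> bool:
    """Decode percent-encoding first, then treat '\\' exactly like '/' so a
    '..' segment is rejected no matter which slash the client sent."""
    decoded = unquote(path)
    segments = decoded.replace("\\", "/").split("/")
    return any(segment == ".." for segment in segments)


def safe_join(root: str, path: str):
    """Map a request path onto a document root; return None if the normalised
    result would leave the root. Normalisation happens on the separator-unified
    string so '..' collapses the same way on both separators."""
    unified = unquote(path).replace("\\", "/")
    joined = posixpath.normpath(posixpath.join(root, unified.lstrip("/")))
    if joined != root and not joined.startswith(root.rstrip("/") + "/"):
        return None
    return joined


def classify(paths):
    """Return, per path, whether each check flags it: (naive, hardened)."""
    return [(naive_has_traversal(p), hardened_has_traversal(p)) for p in paths]


if __name__ == "__main__":
    for p, (naive, hard) in zip(SAMPLE_PATHS, classify(SAMPLE_PATHS)):
        print(f"{p!r:32} naive={naive!s:5} hardened={hard!s:5} "
              f"-> {safe_join('/srv/couchdb', p)}")
```

The point of the pair is that the naive check and the hardened check agree on "/_utils/../_config" and disagree on both backslash variants; a server-side check should be measured against the second behaviour.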
Affected
CouchDB Version 1.0.3, 1.1.1, 1.2.0 on Windows
Detection
Check the version
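An added example of the version check, not part of the advisory: it reads the version string CouchDB reports in the JSON body of a GET on its root ("/") and compares it against the fixed releases listed under Solution, branch by branch (1.0.x fixed in 1.0.4, 1.1.x in 1.1.2, 1.2.x in 1.2.1, 1.3.0 and later carrying the fix). Versions older than 1.0.x are not listed in this advisory, so the check reports them as not covered rather than guessing; that and the sample banner are assumptions of the example.

```python
import json
import re

# Fixed release per affected branch, taken from the Solution section.
FIXED_IN = {
    (1, 0): (1, 0, 4),
    (1, 1): (1, 1, 2),
    (1, 2): (1, 2, 1),
}

# Constructed sample banner in the shape CouchDB returns for GET / (the
# "couchdb" and "version" keys); the version value is one the advisory lists.
SAMPLE_BANNER = '{"couchdb":"Welcome","version":"1.2.0"}'


def parse_version(text: str):
    """Turn 'major.minor.patch' (extra suffixes ignored) into an int tuple."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in m.groups())


def is_affected(version: str, on_windows: bool = True):
    """True if this version/platform is within the affected range, False if it
    carries the fix, None if the advisory does not cover the branch at all."""
    if not on_windows:
        return False                      # the advisory only lists Windows
    v = parse_version(version)
    branch = v[:2]
    if branch in FIXED_IN:
        return v < FIXED_IN[branch]
    if v >= (1, 3, 0):
        return False                      # "1.2.1 or later" includes 1.3+
    return None                           # pre-1.0 branches: not covered here


def check_banner(body: str, on_windows: bool = True):
    """Apply is_affected to the version field of a CouchDB root banner."""
    data = json.loads(body)
    if "version" not in data:
        raise ValueError("no version field in banner")
    return is_affected(data["version"], on_windows)


if __name__ == "__main__":
    print("sample banner affected:", check_banner(SAMPLE_BANNER))
```

In practice the body would come from an HTTP GET against the CouchDB port (5984 by default); the example keeps the response inline so the comparison logic can be read and run on its own.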
References
Severity
Classification
CVE-2012-5641
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N