Summary
Directory traversal vulnerability in MochiWeb, as used by Apache CouchDB, resulting in information disclosure.
Impact
A remote attacker could retrieve in binary form any CouchDB database, including the _users or _replication databases, or any other file that the user account used to run CouchDB might have read access to on the local filesystem.
Solution
Upgrade to version 1.0.4, 1.1.2, 1.2.1 or later.
Insight
On Windows systems there is a directory traversal vulnerability in the partition2 function in mochiweb_util.erl in MochiWeb before 2.4.0, as used in Apache CouchDB, that allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) sequence in the default URI.
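The defensive point of this entry is that a path check which only knows the forward slash misses the Windows backslash form. The following Python example, added here and not code from MochiWeb or CouchDB (which are written in Erlang), shows a document-root resolver that decodes the request once, treats both separators alike, and refuses any path that escapes the root, next to a naive check that only looks for "../". The root path, request paths and the function names are constructed for the illustration.

```python
import posixpath
from urllib.parse import unquote


def naive_rejects(request_path: str) -> bool:
    """Naive filter that only knows the forward-slash form of traversal.

    Constructed for contrast: it never sees a '..' segment that is
    delimited by backslashes, which is exactly the gap on Windows.
    """
    return "../" in request_path


def normalize_request_path(request_path: str) -> str:
    """Decode the request path once and normalize it as Windows would see it.

    Assumption (hypothetical server behaviour): one round of percent-decoding,
    then '\\' is treated as a separator just like '/'.
    """
    decoded = unquote(request_path)
    unified = decoded.replace("\\", "/")
    relative = unified.lstrip("/")          # keep the result relative to the root
    return posixpath.normpath(relative) if relative else ""


def resolve_under_root(root: str, request_path: str):
    """Return the resolved filesystem path, or None if it leaves the root.

    posixpath is used deliberately so the check behaves the same on any host;
    the root is a constructed example path, not a real CouchDB install path.
    """
    root_norm = posixpath.normpath(root.replace("\\", "/")).rstrip("/")
    relative = normalize_request_path(request_path)
    if relative in ("", "."):
        return root_norm
    # normpath folds 'a/../../b' into '../b', so a leading '..' means escape
    if relative == ".." or relative.startswith("../"):
        return None
    candidate = posixpath.normpath(posixpath.join(root_norm, relative))
    # final containment check: candidate must be the root or sit beneath it
    if candidate != root_norm and not candidate.startswith(root_norm + "/"):
        return None
    return candidate


if __name__ == "__main__":
    root = "C:/couchdb/data"                                 # constructed root
    for req in ("/db1.couch", "/a/../b", "/..%5C..%5Cwindows%5Cwin.ini"):
        print(req, "->", resolve_under_root(root, req),
              "| naive_rejects:", naive_rejects(req))
```

The containment check at the end is the part worth keeping even when the separator handling is fixed elsewhere: it decides on the fully resolved path rather than on the presence of a particular substring, so a new encoding or separator variant cannot slip past it.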
Affected
CouchDB Version 1.0.3, 1.1.1, 1.2.0 on Windows
Detection
Check the version
References
Severity
Classification
CVE: CVE-2012-5641
CVSS Base Score: 5.0
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Adobe ColdFusion HTTP Response Splitting Vulnerability
- APC PowerChute Network Shutdown HTTP Response Splitting Vulnerability
- AfterLogic WebMail Pro Multiple Cross Site Scripting Vulnerabilities
- Apache Struts2 'XWork' Information Disclosure Vulnerability
- Adobe ColdFusion Multiple Vulnerabilities-03 May-2014