diff options
-rw-r--r-- | share/doc/src/cve/2014-2668.rst | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/share/doc/src/cve/2014-2668.rst b/share/doc/src/cve/2014-2668.rst new file mode 100644 index 000000000..5ccd2a47f --- /dev/null +++ b/share/doc/src/cve/2014-2668.rst @@ -0,0 +1,54 @@ +.. Licensed under the Apache License, Version 2.0 (the "License"); you may not +.. use this file except in compliance with the License. You may obtain a copy of +.. the License at +.. +.. http://www.apache.org/licenses/LICENSE-2.0 +.. +.. Unless required by applicable law or agreed to in writing, software +.. distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +.. WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +.. License for the specific language governing permissions and limitations under +.. the License. + + +.. _cve/2014-2668: + +================================================================================== +CVE-2014-2668: DoS (CPU and memory consumption) via the count parameter to /_uuids +================================================================================== + +:Date: 26.03.2014 + +:Affected: Apache CouchDB releases up to and including 1.3.1, 1.4.0, + and 1.5.0 are vulnerable. + +:Severity: Moderate + +:Vendor: The Apache Software Foundation + +Description +=========== + +The :ref:`api/server/uuids` resource's `count` query parameter is able to take +unreasonable huge numeric value which leads to exhaustion of server resources +(CPU and memory) and to DoS as the result. + +Mitigation +========== + +Upgrade to a supported CouchDB release that includes this fix, such as: + +- :ref:`1.5.1 <release/1.5.1>` +- :ref:`1.6.0 <release/1.6.0>` + +All listed releases have included a specific fix to + +Work-Around +=========== + +Disable the :ref:`api/server/uuids` handler completely, by adapting +`local.ini` and restarting CouchDB:: + + [httpd_global_handlers] + _uuids = + |