Directory Traversal Vulnerability in MochiWeb Affecting Apache CouchDB
CVE-2012-5641

Currently unrated

Key Information:

Vendor

Apache
Status
Couchdb
Mochiweb
Vendor
CVE Published:
18 March 2014

What is CVE-2012-5641?

A directory traversal vulnerability exists in the partition2 function of mochiweb_util.erl in MochiWeb versions prior to 2.4.0. This vulnerability impacts Apache CouchDB versions earlier than 1.0.4 and also affects 1.1.x and 1.2.x versions prior to their respective updates. By exploiting this flaw, remote attackers can manipulate the URI to access arbitrary files on the server, facilitated by the use of unescaped backslashes. This concern highlights the need for robust input validation and security measures within web applications.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/57313
vdb-entryx_refsource_BID
http://seclists.org/fulldisclosure/2013/Jan/81
mailing-listx_refsource_FULLDISC
http://secunia.com/advisories/51765
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.