Test Kennung:	1.3.6.1.4.1.25623.1.0.105903
Kategorie:	Databases
Titel:	Apache CouchDB <= 1.0.3, 1.1.x <= 1.1.1, 1.2.0 Directory Traversal Vulnerability
Zusammenfassung:	Apache CouchDB is prone to a directory traversal vulnerability in; the MobchiWeb component.
Beschreibung:	Summary: Apache CouchDB is prone to a directory traversal vulnerability in the MobchiWeb component. Vulnerability Insight: On Windows systems there is a directory traversal vulnerability in the partition2 function in mochiweb_util.erl in MochiWeb before 2.4.0, as used in Apache CouchDB allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the default URI. Vulnerability Impact: A remote attacker could retrieve in binary form any CouchDB database, including the _users or _replication databases, or any other file that the user account used to run CouchDB might have read access to on the local filesystem. Affected Software/OS: Apache CouchDB version 1.0.3 and prior, 1.1.x through 1.1.1 and 1.2.0 on Windows. Solution: Update to version 1.0.4, 1.1.2, 1.2.1 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2012-5641 BugTraq ID: 57313 http://www.securityfocus.com/bid/57313 http://seclists.org/fulldisclosure/2013/Jan/81 http://secunia.com/advisories/51765 XForce ISS Database: apache-couchdb-dir-traversal(81240) https://exchange.xforce.ibmcloud.com/vulnerabilities/81240
Copyright	Copyright (C) 2014 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.