Add documentation for CVE-2014-2668
Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/a5489a7e Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/a5489a7e Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/a5489a7e Branch: refs/heads/2200-feature-support-erlang-17.0 Commit: a5489a7e4771693974f8190710a7d074aa206f26 Parents: 4924567 Author: Alexander Shorin <kxe...@apache.org> Authored: Tue Apr 15 09:11:00 2014 +0200 Committer: Jan Lehnardt <j...@apache.org> Committed: Wed Apr 16 16:43:10 2014 +0200 ---------------------------------------------------------------------- share/doc/src/cve/2014-2668.rst | 54 ++++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/couchdb/blob/a5489a7e/share/doc/src/cve/2014-2668.rst ---------------------------------------------------------------------- diff --git a/share/doc/src/cve/2014-2668.rst b/share/doc/src/cve/2014-2668.rst new file mode 100644 index 0000000..5ccd2a4 --- /dev/null +++ b/share/doc/src/cve/2014-2668.rst @@ -0,0 +1,54 @@ +.. Licensed under the Apache License, Version 2.0 (the "License"); you may not +.. use this file except in compliance with the License. You may obtain a copy of +.. the License at +.. +.. http://www.apache.org/licenses/LICENSE-2.0 +.. +.. Unless required by applicable law or agreed to in writing, software +.. distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +.. WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +.. License for the specific language governing permissions and limitations under +.. the License. + + +.. _cve/2014-2668: + +================================================================================== +CVE-2014-2668: DoS (CPU and memory consumption) via the count parameter to /_uuids +================================================================================== + +:Date: 26.03.2014 + +:Affected: Apache CouchDB releases up to and including 1.3.1, 1.4.0, + and 1.5.0 are vulnerable. + +:Severity: Moderate + +:Vendor: The Apache Software Foundation + +Description +=========== + +The :ref:`api/server/uuids` resource's `count` query parameter is able to take +unreasonable huge numeric value which leads to exhaustion of server resources +(CPU and memory) and to DoS as the result. + +Mitigation +========== + +Upgrade to a supported CouchDB release that includes this fix, such as: + +- :ref:`1.5.1 <release/1.5.1>` +- :ref:`1.6.0 <release/1.6.0>` + +All listed releases have included a specific fix to + +Work-Around +=========== + +Disable the :ref:`api/server/uuids` handler completely, by adapting +`local.ini` and restarting CouchDB:: + + [httpd_global_handlers] + _uuids = +
