(I've trimmed the CC list; apologies if that's incorrect) Would it be possible to get a more complete description of this issue?
Specifically, it would be nice to get a more exact description of the access required for an attacker to initiate the attack. I can make some reasonable guesses, but I would rather not rely on guesses when it comes to issuing updates to our customers. Thanks, Eli On Mon, Jan 14, 2013 at 2:05 AM, Jan Lehnardt <[email protected]> wrote: > CVE-2012-5650 > > DOM based Cross-Site Scripting via Futon UI > > Affected Versions: > Apache CouchDB releases up to and including 1.0.3, 1.1.1, and 1.2.0 > are vulnerable. > > Description: > Query parameters passed into the browser-based test suite are not > sanitised, > and can be used to load external resources. An attacker may execute > JavaScript > code in the browser, using the context of the remote user. > > Mitigation: > Upgrade to a supported release that includes this fix, such as Apache > CouchDB 1.0.4, 1.1.2, 1.2.1, and the future 1.3.x series, all of which > include a specific fix. > > Work-Around: > Disable the Futon user interface completely, by adapting `local.ini` and > restarting CouchDB: > > [httpd_global_handlers] > _utils = {couch_httpd_misc_handlers, handle_welcome_req, > <<"Forbidden">>} > > Or by removing the UI test suite components: > > share/www/verify_install.html > share/www/couch_tests.html > share/www/custom_test.html > > Acknowledgement: > This vulnerability was discovered & reported to the Apache Software > Foundation > by Frederik Braun https://frederik-braun.com/ > > Jan Lehnardt > -- > >
