| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 17 Aug 2010 17:52:10 +0200 From: Jan Lehnardt <jan@...che.org> To: dev@...chdb.apache.org Cc: user@...chdb.apache.org, security@...chdb.apache.org, security@...che.org, full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: CVE-2010-2234: Apache CouchDB Cross Site Request Forgery Attack CVE-2010-2234: Apache CouchDB Cross Site Request Forgery Attack Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache CouchDB 0.8.0 to 0.11.0 Description: Apache CouchDB versions prior to version 0.11.1 are vulnerable to cross site request forgery (CSRF) attacks. Mitigation: All users should upgrade to CouchDB 0.11.2 or 1.0.1. Upgrades from the 0.11.x and 0.10.x series should be seamless. Users on earlier versions should consult http://wiki.apache.org/couchdb/Breaking_changes Example: A malicious website can POST arbitrary JavaScript code to well known CouchDB installation URLs (like http://localhost:5984/) and make the browser execute the injected JavaScript in the security context of CouchDB's admin interface Futon. Unrelated, but in addition the JSONP API has been turned off by default to avoid potential information leakage. Credit: This CSRF issue was discovered by a source that wishes to stay anonymous. References: http://couchdb.apache.org/downloads.html http://wiki.apache.org/couchdb/Breaking_changes http://en.wikipedia.org/wiki/Cross-site_request_forgery Jan Lehnardt --
Powered by blists - more mailing lists