| .. Licensed under the Apache License, Version 2.0 (the "License"); you may not |
| .. use this file except in compliance with the License. You may obtain a copy of |
| .. the License at |
| .. |
| .. http://www.apache.org/licenses/LICENSE-2.0 |
| .. |
| .. Unless required by applicable law or agreed to in writing, software |
| .. distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| .. WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
| .. License for the specific language governing permissions and limitations under |
| .. the License. |
| |
| .. _cve/2014-2668: |
| |
| ================================================================================== |
| CVE-2014-2668: DoS (CPU and memory consumption) via the count parameter to /_uuids |
| ================================================================================== |
| |
| :Date: 26.03.2014 |
| |
| :Affected: Apache CouchDB releases up to and including 1.3.1, 1.4.0, |
| and 1.5.0 are vulnerable. |
| |
| :Severity: Moderate |
| |
| :Vendor: The Apache Software Foundation |
| |
| Description |
| =========== |
| |
| The :ref:`api/server/uuids` resource's `count` query parameter is able to take |
| unreasonable huge numeric value which leads to exhaustion of server resources |
| (CPU and memory) and to DoS as the result. |
| |
| Mitigation |
| ========== |
| |
| Upgrade to a supported CouchDB release that includes this fix, such as: |
| |
| - :ref:`1.5.1 <release/1.5.1>` |
| - :ref:`1.6.0 <release/1.6.0>` |
| |
| All listed releases have included a specific fix to |
| |
| Work-Around |
| =========== |
| |
| Disable the :ref:`api/server/uuids` handler completely, by adapting |
| `local.ini` and restarting CouchDB:: |
| |
| [httpd_global_handlers] |
| _uuids = |