[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] CVE-2010-3854: Apache CouchDB Cross Site Scripting Issue

To: dev@xxxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] CVE-2010-3854: Apache CouchDB Cross Site Scripting Issue
From: Jan Lehnardt <jan@xxxxxxxxxx>
Date: Fri, 28 Jan 2011 22:22:45 +0100

CVE-2010-3854: Apache CouchDB Cross Site Scripting Issue

Severity: Important

Vendor:
The Apache Software Foundation

Versions Affected:
Apache CouchDB 0.8.0 to 1.0.1

Description:
Apache CouchDB versions prior to version 1.0.2 are vulnerable to
cross site scripting (XSS) attacks.

Mitigation:
All users should upgrade to CouchDB 1.0.2. Upgrades from the 0.11.x
and 0.10.x series should be seamless. Users on earlier versions 
should consult http://wiki.apache.org/couchdb/Breaking_changes

Example:
Due to inadequate validation of request parameters and cookie data in
Futon, CouchDB's web-based administration UI, a malicious site can
execute arbitrary code in the context of a user's browsing session.

Credit:
This XSS issue was discovered by a source that wishes to stay 
anonymous.

References:
http://couchdb.apache.org/downloads.html
http://wiki.apache.org/couchdb/Breaking_changes
http://en.wikipedia.org/wiki/Cross-site_scripting

Jan Lehnardt
-- 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] TELUS Security Labs VR - Symantec Antivirus Intel Alert Handler Service Denial of Service
Next by Date: Re: [Full-disclosure] sourceforge entry point seems still active.
Previous by thread: [Full-disclosure] TELUS Security Labs VR - Symantec Antivirus Intel Alert Handler Service Denial of Service
Next by thread: [Full-disclosure] [SECURITY] [DSA-2154-1] exim4 security update
Index(es):
- Date
- Thread