Lucene search
Immunity CanvasCOUCHDB_ROLESHistoryNov 14, 2017 - 8:29 p.m.
Immunity Canvas: COUCHDB_ROLES
2017-11-1420:29:00
Immunity Canvas
exploitlist.immunityinc.com
544
0.974 High
EPSS
Percentile
99.9%
| Name | couchdb_roles |
|---|---|
| CVE | CVE-2017-12635 Exploit Pack |
| VENDOR: http://couchdb.apache.org/ | |
| Notes: | |
| 12/8/2017 | |
| Windows 10 / CouchDB 2.0.0 - Exploit created | |
| Ubuntu 14.04 / CouchDB 1.5.0 - Exploit created |
IMPORTANT NOTE:
If the exploit does not get you a shell, look in the Canvas log to see
if the exploit successfully created an administrative user. With that
user, you can log in to the admin panel of your target and programs
to start under the os_daemons key, as well as view other data.
IMPORTANT NOTE:
A _users database must be created by a previous admin for this exploit
to work.
Repeatability: Infinite
References: [‘https://justi.cz/security/2017/11/14/couchdb-rce-npm.html’, ‘http://www.securityfocus.com/bid/101868’]
CVE URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12635
Related
seebug
seebug
Remote Code Execution in CouchDB(CVE-2017-12635)
2017-11-16 00:00:00
exploitpack
exploitpack
Apache CouchDB 1.7.0 2.x 2.1.1 - Remote Privilege Escalation
2018-04-23 00:00:00
Apache CouchDB 2.1.0 - Remote Code Execution
2018-06-20 00:00:00
zdt
zdt
Apache #CouchDB Arbitrary Command Execution Exploit
2018-07-13 00:00:00
Apache CouchDB Remote Code Execution Vulnerability
2017-11-30 00:00:00
checkpoint_advisories
checkpoint_advisories
Apache CouchDB JSON Remote Privilege Escalation (CVE-2017-12635)
2017-12-18 00:00:00
gentoo
gentoo
CouchDB: Multiple vulnerabilities
2017-11-19 00:00:00
packetstorm
packetstorm
Apache CouchDB Remote Code Execution
2018-06-21 00:00:00
Apache CouchDB 1.7.0 / 2.x Remote Privilege Escalation
2018-04-23 00:00:00
Apache CouchDB Arbitrary Command Execution
2018-07-12 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: erlang-jiffy-0.14.13-1.fc27
2017-12-10 05:10:38
[SECURITY] Fedora 26 Update: erlang-jiffy-0.14.13-1.fc26
2017-12-09 22:28:56
[SECURITY] Fedora 26 Update: couchdb-1.7.1-3.fc26
2017-12-09 22:28:56
prion
prion
Design/Logic Flaw
2017-11-14 20:29:00
exploitdb
exploitdb
Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation
2018-04-23 00:00:00
Apache CouchDB - Arbitrary Command Execution (Metasploit)
2018-07-13 00:00:00
Apache CouchDB < 2.1.0 - Remote Code Execution
2018-06-20 00:00:00
openvas
openvas
Apache CouchDB 1.x < 1.7.0, 2.x < 2.1.1 Multiple Vulnerabilities - Linux
2017-11-16 00:00:00
Fedora Update for erlang-jiffy FEDORA-2017-a20d92573b
2017-12-10 00:00:00
Fedora Update for erlang-jiffy FEDORA-2017-d0a336a2a3
2017-12-10 00:00:00
debian
debian
[SECURITY] [DLA 1252-1] couchdb security update
2018-01-21 18:20:15
nvd
nvd
CVE-2017-12635
2017-11-14 20:29:00
nessus
nessus
Debian DLA-1252-1 : couchdb security update
2018-01-22 00:00:00
Fedora 27 : couchdb / erlang-jiffy (2017-a20d92573b)
2018-01-15 00:00:00
GLSA-201711-16 : CouchDB: Multiple vulnerabilities
2017-11-20 00:00:00
archlinux
archlinux
[ASA-201711-24] couchdb: multiple issues
2017-11-16 00:00:00
cve
cve
CVE-2017-12635
2017-11-14 20:29:00
metasploit
metasploit
Apache CouchDB Arbitrary Command Execution
2018-03-27 09:43:03
cvelist
cvelist
CVE-2017-12635
2017-11-14 00:00:00
ubuntucve
ubuntucve
CVE-2017-12635
2017-11-14 00:00:00
osv
osv
couchdb - security update
2018-01-21 00:00:00
CVE-2017-12635
2017-11-14 20:29:00
nuclei
nuclei
Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation
2021-02-15 13:31:56
freebsd
freebsd
couchdb -- multiple vulnerabilities
2017-11-14 00:00:00