CVE-2012-5641 - OpenCVE

Directory traversal vulnerability in the partition2 function in mochiweb_util.erl in MochiWeb before 2.4.0, as used in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1, allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the default URI.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Mochiweb Project	Mochiweb
Apache	Couchdb

Configuration 1 [-]

OR	cpe:2.3:a:apache:couchdb::::::::
	cpe:2.3:a:apache:couchdb:1.0.0:::::::*
	cpe:2.3:a:apache:couchdb:1.0.1:::::::*
	cpe:2.3:a:apache:couchdb:1.0.2:::::::*
	cpe:2.3:a:apache:couchdb:1.1.0:::::::*
	cpe:2.3:a:apache:couchdb:1.1.1:::::::*
	cpe:2.3:a:apache:couchdb:1.2.0:::::::*
	cpe:2.3:a:mochiweb_project:mochiweb::::::::
	cpe:2.3:a:mochiweb_project:mochiweb:2.1.0:::::::*
	cpe:2.3:a:mochiweb_project:mochiweb:2.2.0:::::::*
	cpe:2.3:a:mochiweb_project:mochiweb:2.2.1:::::::*
	cpe:2.3:a:mochiweb_project:mochiweb:2.3.0:::::::*
	cpe:2.3:a:mochiweb_project:mochiweb:2.3.1:::::::*

References

Link	Resource
http://seclists.org/fulldisclosure/2013/Jan/81
http://secunia.com/advisories/51765
http://www.securityfocus.com/bid/57313
https://exchange.xforce.ibmcloud.com/vulnerabilities/81240
https://github.com/melkote/mochiweb/commit/ac2bf	Exploit Patch
https://github.com/mochi/mochiweb/issues/92

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2014-03-18T14:00:00

Updated: 2017-08-28T12:57:01

Reserved: 2012-10-24T00:00:00

Link: CVE-2012-5641

JSON object: View

NVD Information

Status : Modified

Published: 2014-03-18T17:02:49.637

Modified: 2017-08-29T01:32:43.433

Link: CVE-2012-5641

JSON object: View

Redhat Information

No data.

CWE

CWE-22

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-01-14T00:00:00", "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the partition2 function in mochiweb_util.erl in MochiWeb before 2.4.0, as used in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1, allows remote attackers to read arbitrary files via a ..\\ (dot dot backslash) in the default URI."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "57313", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/57313"}, {"name": "20130114 CVE-2012-5641 Apache CouchDB Information disclosure via unescaped backslashes in URLs on Windows", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2013/Jan/81"}, {"name": "51765", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/51765"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/mochi/mochiweb/issues/92"}, {"name": "apache-couchdb-dir-traversal(81240)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81240"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/melkote/mochiweb/commit/ac2bf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-5641", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Directory traversal vulnerability in the partition2 function in mochiweb_util.erl in MochiWeb before 2.4.0, as used in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1, allows remote attackers to read arbitrary files via a ..\\ (dot dot backslash) in the default URI."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "57313", "refsource": "BID", "url": "http://www.securityfocus.com/bid/57313"}, {"name": "20130114 CVE-2012-5641 Apache CouchDB Information disclosure via unescaped backslashes in URLs on Windows", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2013/Jan/81"}, {"name": "51765", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51765"}, {"name": "https://github.com/mochi/mochiweb/issues/92", "refsource": "CONFIRM", "url": "https://github.com/mochi/mochiweb/issues/92"}, {"name": "apache-couchdb-dir-traversal(81240)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81240"}, {"name": "https://github.com/melkote/mochiweb/commit/ac2bf", "refsource": "CONFIRM", "url": "https://github.com/melkote/mochiweb/commit/ac2bf"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-5641", "datePublished": "2014-03-18T14:00:00", "dateReserved": "2012-10-24T00:00:00", "dateUpdated": "2017-08-28T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:couchdb:*:*:*:*:*:*:*:*", "matchCriteriaId": "F6B47DCC-A6D4-452D-914D-2C3261022ECF", "versionEndIncluding": "1.0.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:couchdb:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "6572D2CB-472B-4CF0-B802-F52C12BA88BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:couchdb:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0F3142CB-1AF1-456D-AF66-3701FECBD490", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:couchdb:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "00AEAD55-82F4-4B18-A7DA-56B0D3EFAF3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:couchdb:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3513A36D-5D92-4CDC-AA96-F3E2A390B493", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:couchdb:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B49729E5-5B82-47AB-A9A6-5ED7C725591C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:couchdb:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C4C2436A-0E85-44F8-9691-B193D8E3B8A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mochiweb_project:mochiweb:*:*:*:*:*:*:*:*", "matchCriteriaId": "CD552EB6-A95F-4B80-B5B1-FBAB83CBCC77", "versionEndIncluding": "2.3.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:mochiweb_project:mochiweb:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "172A46BC-F900-4407-8968-A28D10BEFC8E", "vulnerable": true}, {"criteria": "cpe:2.3:a:mochiweb_project:mochiweb:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "91783915-10E5-4798-BF53-F8F14133FE86", "vulnerable": true}, {"criteria": "cpe:2.3:a:mochiweb_project:mochiweb:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "A4150C96-780E-45F7-A7BB-4B8C9331C8F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:mochiweb_project:mochiweb:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "6BBEBF7F-68BE-48E6-AE24-F1430296D63F", "vulnerable": true}, {"criteria": "cpe:2.3:a:mochiweb_project:mochiweb:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "B3DD416F-E07A-480B-9D66-EE001E1AB9AC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Directory traversal vulnerability in the partition2 function in mochiweb_util.erl in MochiWeb before 2.4.0, as used in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1, allows remote attackers to read arbitrary files via a ..\\ (dot dot backslash) in the default URI."}, {"lang": "es", "value": "Vulnerabilidad de salto de directorio en la funci\u00f3n partition2 en mochiweb_util.erl en MochiWeb anterior a 2.4.0, utilizado en Apache CouchDB anterior a 1.0.4, 1.1.x anterior a 1.1.2 y 1.2.x anterior a 1.2.1, permite a atacantes remotos leer archivos arbitrarios a trav\u00e9s de un ..\\ (punto punto barra invertida) en la URI por defecto."}], "id": "CVE-2012-5641", "lastModified": "2017-08-29T01:32:43.433", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-03-18T17:02:49.637", "references": [{"source": "secalert@redhat.com", "url": "http://seclists.org/fulldisclosure/2013/Jan/81"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/51765"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/57313"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81240"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Patch"], "url": "https://github.com/melkote/mochiweb/commit/ac2bf"}, {"source": "secalert@redhat.com", "url": "https://github.com/mochi/mochiweb/issues/92"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}