Monthly Archives: August 2012

Remote Command Execution via CouchDB Admin Interfaces

The CouchDB administrative interface (/_utils) does not enforce authentication by default. All connecting users are considered administrators and can create, delete and modify databases as well as make global configuration changes. CouchDB refers to this configuration as the “Admin Party”. … Continue reading

Posted in Tools | Comments Off on Remote Command Execution via CouchDB Admin Interfaces