One very popular Russian IT resource published a well written description of a known Erlang cookie vulnerability – with a recipe on how to exploit it to gain control over Couch.
Looks like the CouchDB manual isn’t very verbose about that issue, the only mention is a recommendation about protecting Erlang cookie if a user has 4369 open. Shouldn’t that recommendation be emitted into the CouchDB installer? ermouth
