Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-4503
HistoryJul 23, 2014 - 2:55 p.m.

CVE-2014-4503

2014-07-2314:55:06
CWE-20
[email protected]
web.nvd.nist.gov
15
cve-2014-4503
parse_notify function
denial of service
vulnerability
sgminer
cgminer
nvd
security advisory

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.8%

JSON

The parse_notify function in util.c in sgminer before 4.2.2 and cgminer 3.3.0 through 4.0.1 allows man-in-the-middle attackers to cause a denial of service (application exit) via a crafted (1) bbversion, (2) prev_hash, (3) nbit, or (4) ntime parameter in a mining.notify action stratum message.

Affected configurations

NVD
Node
sgminer_projectsgminerRange4.2.1
OR
sgminer_projectsgminerMatch4.0.0
OR
sgminer_projectsgminerMatch4.1.0
OR
sgminer_projectsgminerMatch4.1.153
OR
sgminer_projectsgminerMatch4.1.242
OR
sgminer_projectsgminerMatch4.1.271
OR
sgminer_projectsgminerMatch4.2.0
Node
cgminer_projectcgminerMatch3.3.0
OR
cgminer_projectcgminerMatch3.3.1
OR
cgminer_projectcgminerMatch3.3.2
OR
cgminer_projectcgminerMatch3.3.3
OR
cgminer_projectcgminerMatch3.3.4
OR
cgminer_projectcgminerMatch3.4.0
OR
cgminer_projectcgminerMatch3.4.1
OR
cgminer_projectcgminerMatch3.4.2
OR
cgminer_projectcgminerMatch3.4.3
OR
cgminer_projectcgminerMatch3.5.0
OR
cgminer_projectcgminerMatch3.5.1
OR
cgminer_projectcgminerMatch3.6.0
OR
cgminer_projectcgminerMatch3.6.1
OR
cgminer_projectcgminerMatch3.6.2
OR
cgminer_projectcgminerMatch3.6.3
OR
cgminer_projectcgminerMatch3.6.4
OR
cgminer_projectcgminerMatch3.7.0
OR
cgminer_projectcgminerMatch3.7.1
OR
cgminer_projectcgminerMatch3.7.2
OR
cgminer_projectcgminerMatch3.8.0
OR
cgminer_projectcgminerMatch3.8.1
OR
cgminer_projectcgminerMatch3.8.2
OR
cgminer_projectcgminerMatch3.8.3
OR
cgminer_projectcgminerMatch3.8.4
OR
cgminer_projectcgminerMatch3.8.5
OR
cgminer_projectcgminerMatch3.9.0
OR
cgminer_projectcgminerMatch3.10.0
OR
cgminer_projectcgminerMatch3.11.0
OR
cgminer_projectcgminerMatch3.12.0
OR
cgminer_projectcgminerMatch3.12.1
OR
cgminer_projectcgminerMatch3.12.2
OR
cgminer_projectcgminerMatch3.12.3
OR
cgminer_projectcgminerMatch4.0.0
OR
cgminer_projectcgminerMatch4.0.1

Related

cvelist 1
ubuntucve 1
nvd 1
prion 1
debiancve 1
cvelist
cvelist
CVE-2014-4503
2014-07-23 14:00:00
ubuntucve
ubuntucve
CVE-2014-4503
2014-07-23 00:00:00
nvd
nvd
CVE-2014-4503
2014-07-23 14:55:06
prion
prion
Design/Logic Flaw
2014-07-23 14:55:00
debiancve
debiancve
CVE-2014-4503
2014-07-23 14:55:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.8%

JSON
Related for CVE-2014-4503
cvelist1ubuntucve1nvd1prion1debiancve1