Lucene search

CVE-2018-12018

🗓️ 05 Jul 2018 02:00:29Reported by [email protected]Type

The LES protocol in Go Ethereum (geth) before 1.8.11 allows attackers to crash a remote node by sending a malicious packet with a specific query value

Reporter	Title	Published	Views	Family All 9
Cvelist	CVE-2018-12018	5 Jul 201802:00	–	cvelist
OSV	Go Ethereum LES protocol implementation vulnerable to Denial of Service	14 May 202203:01	–	osv
OSV	Panic due to improper validation of RPC messages in github.com/ethereum/go-ethereum	14 Apr 202120:04	–	osv
OSV	CVE-2018-12018	5 Jul 201802:29	–	osv
Veracode	Denial Of Service (DoS)	5 Jul 201811:55	–	veracode
CVE	CVE-2018-12018	5 Jul 201802:29	–	cve
Github Security Blog	Go Ethereum LES protocol implementation vulnerable to Denial of Service	14 May 202203:01	–	github
Prion	Integer overflow	5 Jul 201802:29	–	prion
seebug.org	EPoD: Ethereum Packet of Death (CVE-2018-12018)	9 Jul 201800:00	–	seebug

Nvd

Node

ethereum go_ethereumRange<1.8.11

Source	Link
github	www.github.com/ethereum/go-ethereum/releases/tag/v1.8.11
peckshield	www.peckshield.com/2018/06/27/EPoD/
github	www.github.com/ethereum/go-ethereum/commit/a5237a27eaf81946a3edb4fafe13ed6359d119e4
github	www.github.com/ethereum/go-ethereum/pull/16891

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

05 Jul 2018 02:29Current

7.5High risk

Vulners AI Score7.5

CVSS25

CVSS37.5

EPSS0.005

CWE-129