The HTTPAuthorized function in bitcoinrpc.cpp in bitcoind 0.8.1 provides information about authentication failure upon detecting the first incorrect byte of a password, which makes it easier for remote attackers to determine passwords via a timing side-channel attack.
CPE | Name | Operator | Version |
---|---|---|---|
bitcoin_core | eq | 0.8.1 |