EUVD-2014-4428

Malware in sbrugna...

EUVD-2014-4429

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2018-10058

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to execute arbitrary code due to a stack-based buff...

Linux Distros Unpatched Vulnerability : CVE-2018-10057

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary...

SUSE CVE-2018-10057

The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions absolute directory traversal...

SUSE CVE-2018-10058

The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to execute arbitrary code due to a stack-based buffer overflow in the addpool, failover-only, poolquota, and save command handlers...

cgminer and bfgminer absolute directory traversal vulnerability

Both cgminer and bfgminer are bitcoin mining software. A path traversal vulnerability exists in the remote management interface in cgminer version 4.10.0 and bfgminer version 5.5.0. A remote attacker could exploit this vulnerability to write a mining machine configuration file to an arbitrary...

cgminer and bfgminer buffer overflow vulnerability

Both cgminer and bfgminer are bitcoin mining software. A stack buffer overflow vulnerability exists in addpool, failover-only, poolquota, and save command handlers in cgminer version 4.10.0 and bfgminer version 5.5.0. A remote attacker could exploit this vulnerability to execute arbitrary code...

CVE-2018-10057

The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions absolute directory traversal...

Directory traversal

The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions absolute directory traversal...

UBUNTU-CVE-2018-10057

The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions absolute directory traversal...

UBUNTU-CVE-2018-10058

The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to execute arbitrary code due to a stack-based buffer overflow in the addpool, failover-only, poolquota, and save command handlers...

CVE-2018-10057

The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions absolute directory traversal...

CVE-2018-10058

CVE-2018-10058 affects cgminer 4.10.0 and bfgminer 5.5.0. The vulnerability is a stack-based buffer overflow in the addpool, failover-only, poolquota, and save command handlers, allowing an authenticated remote attacker to execute arbitrary code. The connected sources consistently describe an aut...

CVE-2018-10057

Removed by vendor...

CVE-2018-10057

The CVE-2018-10057 issue affects cgminer 4.10.0 and bfgminer 5.5.0, where the remote management interface allows an authenticated attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions (absolute directory traversal). Impact is the p...

CVE-2014-4501

Multiple stack-based buffer overflows in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 3.3.0 allow remote pool servers to have unspecified impact via a long URL in a client.reconnect stratum message to the 1 extractsockaddr or 2 parsereconnect functions in util.c...

CVE-2014-4502

Multiple heap-based buffer overflows in the parsenotify function in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 4.1.0 allow remote pool servers to have unspecified impact via a 1 large or 2 negative value in the Extranonc2size parameter in a mining.subscribe response and a...

CVE-2014-4502

CVE-2014-4502 involves multiple heap-based buffer overflows in the parse_notify function affecting sgminer < 4.2.2, cgminer < 4.3.5, and BFGMiner

CVE-2014-4501

The CVE affects multiple mining tools: sgminer , cgminer , and BFGMiner . A vulnerability in the long URL handling within the Stratum client.reconnect path allows multiple stack-based buffer overflows via the (1) extract_sockaddr or (2) parse_reconnect functions in util.c, enabling a remotely sen...