Lucene search
+L

127 matches found

Prion
Prion
added 2013/08/02 12:10 p.m.19 views

Design/Logic Flaw

bitcoind and Bitcoin-Qt 0.8.x before 0.8.1 do not enforce a certain block protocol rule, which allows remote attackers to bypass intended access restrictions and conduct double-spending attacks via a large block that triggers incorrect Berkeley DB locking in older product versions...

5CVSS7.1AI score0.01971EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2013/08/02 12:10 p.m.17 views

Authentication flaw

The HTTPAuthorized function in bitcoinrpc.cpp in bitcoind 0.8.1 provides information about authentication failure upon detecting the first incorrect byte of a password, which makes it easier for remote attackers to determine passwords via a timing side-channel attack...

4.3CVSS7AI score0.02278EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2013/08/02 12:10 p.m.23 views

CVE-2013-4165

The HTTPAuthorized function in bitcoinrpc.cpp in bitcoind 0.8.1 provides information about authentication failure upon detecting the first incorrect byte of a password, which makes it easier for remote attackers to determine passwords via a timing side-channel attack...

4.3CVSS5.9AI score0.02278EPSS
Exploits0References2
CVE
CVE
added 2013/08/01 4:0 p.m.52 views

CVE-2013-3219

CVE-2013-3219 affects bitcoind/Bitcoin-Qt 0.8.x prior to 0.8.1. The root cause is failure to enforce a block protocol rule, enabling remote attackers to bypass access restrictions and attempt double-spending via a large block that triggers incorrect Berkeley DB locking in older builds. Remediatio...

5CVSS6.8AI score0.01971EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2013/08/01 4:0 p.m.28 views

CVE-2013-3220

bitcoind and Bitcoin-Qt before 0.4.9rc2, 0.5.x before 0.5.8rc2, 0.6.x before 0.6.5rc2, and 0.7.x before 0.7.3rc2, and wxBitcoin, do not properly consider whether a block's size could require an excessive number of database locks, which allows remote attackers to cause a denial of service split an...

6.6AI score0.02378EPSS
Exploits0References2
CVE
CVE
added 2013/08/01 4:0 p.m.53 views

CVE-2013-3220

CVE-2013-3220 affects bitcoind/Bitcoin-Qt (and wxBitcoin) across multiple older branches, where blocks of large size could trigger excessive Berkeley DB locking. This allows remote DoS (split) and certain double-spending capabilities. Affected versions include pre-0.4.9rc2, pre-0.5.8rc2, pre-0.6....

6.4CVSS6.8AI score0.02378EPSS
Exploits0References2Affected Software4
Cvelist
Cvelist
added 2013/08/01 4:0 p.m.25 views

CVE-2013-4627

Unspecified vulnerability in bitcoind and Bitcoin-Qt 0.8.x allows remote attackers to cause a denial of service memory consumption via a large amount of tx message data...

6.5AI score0.0193EPSS
Exploits0References1
CVE
CVE
added 2013/08/01 4:0 p.m.49 views

CVE-2013-4627

CVE-2013-4627 applies to bitcoind and Bitcoin-Qt 0.8.x. The vulnerability allows remote attackers to cause a denial of service by sending a large amount of tx message data, resulting in memory consumption. A patch/update was released (Bitcoin-Qt 0.8.4) to fix this DoS issue and related vulnerabil...

5CVSS6.7AI score0.0193EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2013/08/01 4:0 p.m.48 views

CVE-2013-4165

CVE-2013-4165 affects bitcoind 0.8.1, where the HTTPAuthorized function in bitcoinrpc.cpp leaks timing information on the first incorrect password byte, enabling remote attackers to guess passwords via a timing side-channel. Impact: authenticated RPC password guessing vulnerability. Remediation: ...

4.3CVSS6.6AI score0.02278EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2013/08/01 4:0 p.m.28 views

CVE-2013-3219

bitcoind and Bitcoin-Qt 0.8.x before 0.8.1 do not enforce a certain block protocol rule, which allows remote attackers to bypass intended access restrictions and conduct double-spending attacks via a large block that triggers incorrect Berkeley DB locking in older product versions...

6.6AI score0.01971EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2013/08/01 4:0 p.m.39 views

CVE-2013-3219

Removed by vendor...

5CVSS7AI score0.01971EPSS
Exploits0
Debian CVE
Debian CVE
added 2013/08/01 4:0 p.m.30 views

CVE-2013-4165

Removed by vendor...

4.3CVSS6.9AI score0.02278EPSS
Exploits0
Cvelist
Cvelist
added 2013/08/01 4:0 p.m.19 views

CVE-2013-4165

The HTTPAuthorized function in bitcoinrpc.cpp in bitcoind 0.8.1 provides information about authentication failure upon detecting the first incorrect byte of a password, which makes it easier for remote attackers to determine passwords via a timing side-channel attack...

6.4AI score0.02278EPSS
Exploits0References3
NVD
NVD
added 2013/03/12 11:28 a.m.18 views

CVE-2013-2273

bitcoind and Bitcoin-Qt before 0.4.9rc1, 0.5.x before 0.5.8rc1, 0.6.0 before 0.6.0.11rc1, 0.6.1 through 0.6.5 before 0.6.5rc1, and 0.7.x before 0.7.3rc1 make it easier for remote attackers to obtain potentially sensitive information about returned change by leveraging certain predictability in th...

5CVSS6.2AI score0.0191EPSS
Exploits0References1
NVD
NVD
added 2013/03/12 11:28 a.m.21 views

CVE-2012-4684

The alert functionality in bitcoind and Bitcoin-Qt before 0.7.0 supports different character representations of the same signature data, but relies on a hash of this signature, which allows remote attackers to cause a denial of service resource consumption via a valid modified signature for a...

7.8CVSS6.6AI score0.02857EPSS
Exploits0References4
NVD
NVD
added 2013/03/12 11:28 a.m.20 views

CVE-2013-2293

The CTransaction::FetchInputs method in bitcoind and Bitcoin-Qt before 0.8.0rc1 copies transactions from disk to memory without incrementally checking for spent prevouts, which allows remote attackers to cause a denial of service disk I/O consumption via a Bitcoin transaction with many inputs...

5CVSS6.4AI score0.02535EPSS
Exploits0References3
NVD
NVD
added 2013/03/12 11:28 a.m.15 views

CVE-2013-2292

bitcoind and Bitcoin-Qt 0.8.0 and earlier allow remote attackers to cause a denial of service electricity consumption by mining a block to create a nonstandard Bitcoin transaction containing multiple OPCHECKSIG script opcodes...

7.8CVSS6.7AI score0.0255EPSS
Exploits0References2
NVD
NVD
added 2013/03/12 11:28 a.m.20 views

CVE-2013-2272

The penny-flooding protection mechanism in the CTxMemPool::accept method in bitcoind and Bitcoin-Qt before 0.4.9rc1, 0.5.x before 0.5.8rc1, 0.6.0 before 0.6.0.11rc1, 0.6.1 through 0.6.5 before 0.6.5rc1, and 0.7.x before 0.7.3rc1 allows remote attackers to determine associations between wallet...

5CVSS6.6AI score0.01888EPSS
Exploits0References2
Prion
Prion
added 2013/03/12 11:28 a.m.14 views

Code injection

bitcoind and Bitcoin-Qt 0.8.0 and earlier allow remote attackers to cause a denial of service electricity consumption by mining a block to create a nonstandard Bitcoin transaction containing multiple OPCHECKSIG script opcodes...

7.8CVSS7.2AI score0.0255EPSS
Exploits0References2Affected Software3
Prion
Prion
added 2013/03/12 11:28 a.m.15 views

Design/Logic Flaw

The penny-flooding protection mechanism in the CTxMemPool::accept method in bitcoind and Bitcoin-Qt before 0.4.9rc1, 0.5.x before 0.5.8rc1, 0.6.0 before 0.6.0.11rc1, 0.6.1 through 0.6.5 before 0.6.5rc1, and 0.7.x before 0.7.3rc1 allows remote attackers to determine associations between wallet...

5CVSS7.1AI score0.01888EPSS
Exploits0References2Affected Software3
Rows per page
Query Builder