26 matches found
EUVD-2014-4428
Malware in sbrugna...
EUVD-2014-4430
Malware in sbrugna...
EUVD-2014-4429
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-10057
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary...
Linux Distros Unpatched Vulnerability : CVE-2018-10058
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to execute arbitrary code due to a stack-based buff...
SUSE CVE-2018-10057
The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions absolute directory traversal...
SUSE CVE-2018-10058
The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to execute arbitrary code due to a stack-based buffer overflow in the addpool, failover-only, poolquota, and save command handlers...
cgminer and bfgminer buffer overflow vulnerability
Both cgminer and bfgminer are bitcoin mining software. A stack buffer overflow vulnerability exists in addpool, failover-only, poolquota, and save command handlers in cgminer version 4.10.0 and bfgminer version 5.5.0. A remote attacker could exploit this vulnerability to execute arbitrary code...
cgminer and bfgminer absolute directory traversal vulnerability
Both cgminer and bfgminer are bitcoin mining software. A path traversal vulnerability exists in the remote management interface in cgminer version 4.10.0 and bfgminer version 5.5.0. A remote attacker could exploit this vulnerability to write a mining machine configuration file to an arbitrary...
CVE-2018-10057
The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions absolute directory traversal...
UBUNTU-CVE-2018-10057
The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions absolute directory traversal...
UBUNTU-CVE-2018-10058
The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to execute arbitrary code due to a stack-based buffer overflow in the addpool, failover-only, poolquota, and save command handlers...
Directory traversal
The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions absolute directory traversal...
CVE-2018-10057
The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions absolute directory traversal...
CVE-2018-10057
The CVE-2018-10057 issue affects cgminer 4.10.0 and bfgminer 5.5.0, where the remote management interface allows an authenticated attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions (absolute directory traversal). Impact is the p...
CVE-2018-10057
Removed by vendor...
CVE-2018-10058
CVE-2018-10058 affects cgminer 4.10.0 and bfgminer 5.5.0. The vulnerability is a stack-based buffer overflow in the addpool, failover-only, poolquota, and save command handlers, allowing an authenticated remote attacker to execute arbitrary code. The connected sources consistently describe an aut...
CVE-2014-4503
The parsenotify function in util.c in sgminer before 4.2.2 and cgminer 3.3.0 through 4.0.1 allows man-in-the-middle attackers to cause a denial of service application exit via a crafted 1 bbversion, 2 prevhash, 3 nbit, or 4 ntime parameter in a mining.notify action stratum message...
CVE-2014-4501
Multiple stack-based buffer overflows in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 3.3.0 allow remote pool servers to have unspecified impact via a long URL in a client.reconnect stratum message to the 1 extractsockaddr or 2 parsereconnect functions in util.c...
CVE-2014-4502
Multiple heap-based buffer overflows in the parsenotify function in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 4.1.0 allow remote pool servers to have unspecified impact via a 1 large or 2 negative value in the Extranonc2size parameter in a mining.subscribe response and a...