26 matches found
EUVD-2014-4428
Malware in sbrugna...
EUVD-2014-4429
Malware in sbrugna...
EUVD-2014-4430
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-10058
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to execute arbitrary code due to a stack-based buff...
Linux Distros Unpatched Vulnerability : CVE-2018-10057
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary...
SUSE CVE-2018-10057
The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions absolute directory traversal...
SUSE CVE-2018-10058
The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to execute arbitrary code due to a stack-based buffer overflow in the addpool, failover-only, poolquota, and save command handlers...
cgminer and bfgminer absolute directory traversal vulnerability
Both cgminer and bfgminer are bitcoin mining software. A path traversal vulnerability exists in the remote management interface in cgminer version 4.10.0 and bfgminer version 5.5.0. A remote attacker could exploit this vulnerability to write a mining machine configuration file to an arbitrary...
cgminer and bfgminer buffer overflow vulnerability
Both cgminer and bfgminer are bitcoin mining software. A stack buffer overflow vulnerability exists in addpool, failover-only, poolquota, and save command handlers in cgminer version 4.10.0 and bfgminer version 5.5.0. A remote attacker could exploit this vulnerability to execute arbitrary code...
CVE-2018-10057
The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions absolute directory traversal...
Directory traversal
The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions absolute directory traversal...
UBUNTU-CVE-2018-10057
The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions absolute directory traversal...
UBUNTU-CVE-2018-10058
The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to execute arbitrary code due to a stack-based buffer overflow in the addpool, failover-only, poolquota, and save command handlers...
CVE-2018-10057
The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions absolute directory traversal...
CVE-2018-10058
CVE-2018-10058 affects cgminer 4.10.0 and bfgminer 5.5.0. The vulnerability is a stack-based buffer overflow in the addpool, failover-only, poolquota, and save command handlers, allowing an authenticated remote attacker to execute arbitrary code. The connected sources consistently describe an aut...
CVE-2018-10057
Removed by vendor...
CVE-2018-10057
The CVE-2018-10057 issue affects cgminer 4.10.0 and bfgminer 5.5.0, where the remote management interface allows an authenticated attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions (absolute directory traversal). Impact is the p...
CVE-2014-4503
The parsenotify function in util.c in sgminer before 4.2.2 and cgminer 3.3.0 through 4.0.1 allows man-in-the-middle attackers to cause a denial of service application exit via a crafted 1 bbversion, 2 prevhash, 3 nbit, or 4 ntime parameter in a mining.notify action stratum message...
CVE-2014-4501
Multiple stack-based buffer overflows in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 3.3.0 allow remote pool servers to have unspecified impact via a long URL in a client.reconnect stratum message to the 1 extractsockaddr or 2 parsereconnect functions in util.c...
Design/Logic Flaw
The parsenotify function in util.c in sgminer before 4.2.2 and cgminer 3.3.0 through 4.0.1 allows man-in-the-middle attackers to cause a denial of service application exit via a crafted 1 bbversion, 2 prevhash, 3 nbit, or 4 ntime parameter in a mining.notify action stratum message...