3 matches found
CVE-2013-4165
The HTTPAuthorized function in bitcoinrpc.cpp in bitcoind 0.8.1 provides information about authentication failure upon detecting the first incorrect byte of a password, which makes it easier for remote attackers to determine passwords via a timing side-channel attack...
CVE-2013-4165
The HTTPAuthorized function in bitcoinrpc.cpp in bitcoind 0.8.1 provides information about authentication failure upon detecting the first incorrect byte of a password, which makes it easier for remote attackers to determine passwords via a timing side-channel attack...
CVE-2013-4165
CVE-2013-4165 affects bitcoind 0.8.1, where the HTTPAuthorized function in bitcoinrpc.cpp leaks timing information on the first incorrect password byte, enabling remote attackers to guess passwords via a timing side-channel. Impact: authenticated RPC password guessing vulnerability. Remediation: ...