2 matches found
CVE-2018-17071
The fallback function of a simple lottery smart contract implementation for Lucky9io, an Ethereum gambling game, generates a random value with the publicly readable variable entrynumber. This variable is private, yet it is readable by eth.getStorageAt function. Also, attackers can purchase a tick...
CVE-2018-17071
The CVE (CVE-2018-17071) concerns the fallback function of a simple lottery smart contract used in Lucky9io, an Ethereum gambling game. The vulnerability arises because the contract generates a random value using the publicly readable storage variable entry_number, which is privately defined but ...