10 matches found
Claymore Dual GPU Miner Format String dos attack
Claymore’s Dual GPU Miner 10.5 and below is vulnerable to a format strings vulnerability. This allows an unauthenticated attacker to read memory addresses, or immediately terminate the mining process causing a denial of service. !/usr/bin/env python3 -- coding: utf-8 - import socket import json...
Claymore Dual GPU Miner 10.5 - Format String
Claymore Dual GPU Miner 10.5 - Format String Claymore’s Dual GPU Miner 10.5 and below is vulnerable to a format strings vulnerability. This allows an unauthenticated attacker to read memory addresses, or immediately terminate the mining process causing a denial of service. After reading about the...
Claymore Dual GPU Miner 10.5 - Format String
Claymore’s Dual GPU Miner 10.5 and below is vulnerable to a format strings vulnerability. This allows an unauthenticated attacker to read memory addresses, or immediately terminate the mining process causing a denial of service. After reading about the recent vulnerabilities with previous version...
Claymore Dual GPU Miner 10.5 Format String
Claymore Dual Gpu Miner = 10.5 Format Strings Vulnerability ======================================================================= product: Claymore's Dual Miner vulnerable version: = 10.5 fixed version: 10.6 CVE number: - CVE-2018a6317 impact: critical homepage:...
Directory traversal
The remote management interface on the Claymore Dual GPU miner 10.1 is vulnerable to an authenticated directory traversal vulnerability exploited by issuing a specially crafted request, allowing a remote attacker to read/write arbitrary files. This can be exploited via ../ sequences in the pathna...
CVE-2017-16929
The remote management interface on the Claymore Dual GPU miner 10.1 is vulnerable to an authenticated directory traversal vulnerability exploited by issuing a specially crafted request, allowing a remote attacker to read/write arbitrary files. This can be exploited via ../ sequences in the pathna...
CVE-2017-16929
The remote management interface on the Claymore Dual GPU miner 10.1 is vulnerable to an authenticated directory traversal vulnerability exploited by issuing a specially crafted request, allowing a remote attacker to read/write arbitrary files. This can be exploited via ../ sequences in the pathna...
CVE-2017-16930
The remote management interface on the Claymore Dual GPU miner 10.1 allows an unauthenticated remote attacker to execute arbitrary code due to a stack-based buffer overflow in the request handler. This can be exploited via a long API request that is mishandled during logging...
CVE-2017-16930
Claymore's Dual ETH miner (GPU) remote management interface in version 10.1 is affected by an unauthenticated stack-based buffer overflow triggered by logging an overly long API request. The vulnerability arises from logging via sprintf into a fixed-size 0x4000-byte buffer, enabling potential rem...
CVE-2017-16929
The CVE-2017-16929 issue affects Claymore’s Dual ETH + DCR/SC/LBC/PASC GPU Miner (version 10.1 and earlier) where the remote management interface allows authenticated path traversal via miner_file/miner_getfile. The vulnerability arises from missing path validation, enabling an attacker to read/w...