Lucene search
K

10 matches found

Metasploit
Metasploit
added 2018/02/06 12:30 p.m.14 views

Claymore Dual GPU Miner Format String dos attack

Claymore’s Dual GPU Miner 10.5 and below is vulnerable to a format strings vulnerability. This allows an unauthenticated attacker to read memory addresses, or immediately terminate the mining process causing a denial of service. !/usr/bin/env python3 -- coding: utf-8 - import socket import json...

Exploits0
exploitpack
exploitpack
added 2018/02/05 12:0 a.m.18 views

Claymore Dual GPU Miner 10.5 - Format String

Claymore Dual GPU Miner 10.5 - Format String Claymore’s Dual GPU Miner 10.5 and below is vulnerable to a format strings vulnerability. This allows an unauthenticated attacker to read memory addresses, or immediately terminate the mining process causing a denial of service. After reading about the...

Exploits0
Exploit DB
Exploit DB
added 2018/02/05 12:0 a.m.36 views

Claymore Dual GPU Miner 10.5 - Format String

Claymore’s Dual GPU Miner 10.5 and below is vulnerable to a format strings vulnerability. This allows an unauthenticated attacker to read memory addresses, or immediately terminate the mining process causing a denial of service. After reading about the recent vulnerabilities with previous version...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/02/03 12:0 a.m.34 views

Claymore Dual GPU Miner 10.5 Format String

Claymore Dual Gpu Miner = 10.5 Format Strings Vulnerability ======================================================================= product: Claymore's Dual Miner vulnerable version: = 10.5 fixed version: 10.6 CVE number: - CVE-2018a6317 impact: critical homepage:...

9.1AI score0.44306EPSS
Exploits3
Prion
Prion
added 2017/12/05 9:29 a.m.19 views

Directory traversal

The remote management interface on the Claymore Dual GPU miner 10.1 is vulnerable to an authenticated directory traversal vulnerability exploited by issuing a specially crafted request, allowing a remote attacker to read/write arbitrary files. This can be exploited via ../ sequences in the pathna...

8.5CVSS7.9AI score0.12889EPSS
Exploits4References3Affected Software1
NVD
NVD
added 2017/12/05 9:29 a.m.24 views

CVE-2017-16929

The remote management interface on the Claymore Dual GPU miner 10.1 is vulnerable to an authenticated directory traversal vulnerability exploited by issuing a specially crafted request, allowing a remote attacker to read/write arbitrary files. This can be exploited via ../ sequences in the pathna...

8.5CVSS8AI score0.12889EPSS
Exploits4References3
Cvelist
Cvelist
added 2017/12/05 9:0 a.m.34 views

CVE-2017-16929

The remote management interface on the Claymore Dual GPU miner 10.1 is vulnerable to an authenticated directory traversal vulnerability exploited by issuing a specially crafted request, allowing a remote attacker to read/write arbitrary files. This can be exploited via ../ sequences in the pathna...

8AI score0.12889EPSS
Exploits4References3
Cvelist
Cvelist
added 2017/12/05 9:0 a.m.32 views

CVE-2017-16930

The remote management interface on the Claymore Dual GPU miner 10.1 allows an unauthenticated remote attacker to execute arbitrary code due to a stack-based buffer overflow in the request handler. This can be exploited via a long API request that is mishandled during logging...

9.9AI score0.3434EPSS
Exploits4References3
CVE
CVE
added 2017/12/05 9:0 a.m.51 views

CVE-2017-16930

Claymore's Dual ETH miner (GPU) remote management interface in version 10.1 is affected by an unauthenticated stack-based buffer overflow triggered by logging an overly long API request. The vulnerability arises from logging via sprintf into a fixed-size 0x4000-byte buffer, enabling potential rem...

10CVSS9.7AI score0.3434EPSS
Exploits4References3Affected Software1
CVE
CVE
added 2017/12/05 9:0 a.m.50 views

CVE-2017-16929

The CVE-2017-16929 issue affects Claymore’s Dual ETH + DCR/SC/LBC/PASC GPU Miner (version 10.1 and earlier) where the remote management interface allows authenticated path traversal via miner_file/miner_getfile. The vulnerability arises from missing path validation, enabling an attacker to read/w...

8.5CVSS7.8AI score0.12889EPSS
Exploits4References3Affected Software1
Rows per page
Query Builder