4 matches found
CVE-2014-4502
Multiple heap-based buffer overflows in the parsenotify function in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 4.1.0 allow remote pool servers to have unspecified impact via a 1 large or 2 negative value in the Extranonc2size parameter in a mining.subscribe response and a...
CVE-2014-4503
The parsenotify function in util.c in sgminer before 4.2.2 and cgminer 3.3.0 through 4.0.1 allows man-in-the-middle attackers to cause a denial of service application exit via a crafted 1 bbversion, 2 prevhash, 3 nbit, or 4 ntime parameter in a mining.notify action stratum message...
Design/Logic Flaw
The parsenotify function in util.c in sgminer before 4.2.2 and cgminer 3.3.0 through 4.0.1 allows man-in-the-middle attackers to cause a denial of service application exit via a crafted 1 bbversion, 2 prevhash, 3 nbit, or 4 ntime parameter in a mining.notify action stratum message...
CVE-2014-4503
The CVE-2014-4503 issue affects the mining software sgminer (before 4.2.2) and cgminer (3.3.0 through 4.0.1). The vulnerability resides in parse_notify within util.c, enabling man-in-the-middle attackers to trigger a denial of service (application exit) via crafted parameters (bbversion, prev_has...