PT-2014-7117 · Tpruvot · Cpuminer
Mick Ayzenberg
·
Publicado
2014-10-25
·
Atualizado
2014-10-27
·
CVE-2014-6251
CVSS v2.0
6.0
Média
| Vetor | AV:N/AC:M/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
CPUMiner versions prior to 2.4.1
Description
A stack-based buffer overflow issue exists, allowing remote attackers to have an unspecified impact. This is achieved by sending a mining.subscribe response with a large
nonce2 length, followed by triggering the overflow with a mining.notify request.Recommendations
For versions prior to 2.4.1, update to version 2.4.1 or later to resolve the issue.
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cpuminer