PT-2018-10132 · Z Nomp · Z-Nomp
Publicado
2018-05-09
·
Atualizado
2018-06-18
·
CVE-2018-10831
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Z-NOMP versions prior to 2018-04-05
Description
The issue allows attackers to spoof mining shares by providing a solution with specific values, such as
x1=1, x2=1, x3=1, ..., x512=1, to bypass the verifier for any blockheader. This originally affected cryptocurrencies like Bitcoin Gold and Zcash, and was exploited in the wild in May 2018 against smaller cryptocurrencies.Recommendations
For Z-NOMP versions prior to 2018-04-05, update to a version released after 2018-04-05 to resolve the issue.
Exploit
Correção
Use of a Broken Cryptographic Algorithm
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Z-Nomp