Lucene search
MitreCVE-2014-4503HistoryJul 23, 2014 - 2:55 p.m.
CVE-2014-4503
2014-07-2314:55:06
CWE-20
mitre
web.nvd.nist.gov
17
cve-2014-4503
parse_notify function
denial of service
vulnerability
sgminer
cgminer
nvd
security advisory
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
AI Score
6.6
Confidence
High
EPSS
0.001
Percentile
34.7%
The parse_notify function in util.c in sgminer before 4.2.2 and cgminer 3.3.0 through 4.0.1 allows man-in-the-middle attackers to cause a denial of service (application exit) via a crafted (1) bbversion, (2) prev_hash, (3) nbit, or (4) ntime parameter in a mining.notify action stratum message.
Affected configurations
Node
sgminer_projectsgminerRange≤4.2.1
ORsgminer_projectsgminerMatch4.0.0
ORsgminer_projectsgminerMatch4.1.0
ORsgminer_projectsgminerMatch4.1.153
ORsgminer_projectsgminerMatch4.1.242
ORsgminer_projectsgminerMatch4.1.271
ORsgminer_projectsgminerMatch4.2.0
Node
cgminer_projectcgminerMatch3.3.0
ORcgminer_projectcgminerMatch3.3.1
ORcgminer_projectcgminerMatch3.3.2
ORcgminer_projectcgminerMatch3.3.3
ORcgminer_projectcgminerMatch3.3.4
ORcgminer_projectcgminerMatch3.4.0
ORcgminer_projectcgminerMatch3.4.1
ORcgminer_projectcgminerMatch3.4.2
ORcgminer_projectcgminerMatch3.4.3
ORcgminer_projectcgminerMatch3.5.0
ORcgminer_projectcgminerMatch3.5.1
ORcgminer_projectcgminerMatch3.6.0
ORcgminer_projectcgminerMatch3.6.1
ORcgminer_projectcgminerMatch3.6.2
ORcgminer_projectcgminerMatch3.6.3
ORcgminer_projectcgminerMatch3.6.4
ORcgminer_projectcgminerMatch3.7.0
ORcgminer_projectcgminerMatch3.7.1
ORcgminer_projectcgminerMatch3.7.2
ORcgminer_projectcgminerMatch3.8.0
ORcgminer_projectcgminerMatch3.8.1
ORcgminer_projectcgminerMatch3.8.2
ORcgminer_projectcgminerMatch3.8.3
ORcgminer_projectcgminerMatch3.8.4
ORcgminer_projectcgminerMatch3.8.5
ORcgminer_projectcgminerMatch3.9.0
ORcgminer_projectcgminerMatch3.10.0
ORcgminer_projectcgminerMatch3.11.0
ORcgminer_projectcgminerMatch3.12.0
ORcgminer_projectcgminerMatch3.12.1
ORcgminer_projectcgminerMatch3.12.2
ORcgminer_projectcgminerMatch3.12.3
ORcgminer_projectcgminerMatch4.0.0
ORcgminer_projectcgminerMatch4.0.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sgminer_project | sgminer | * | cpe:2.3:a:sgminer_project:sgminer:*:*:*:*:*:*:*:* |
| sgminer_project | sgminer | 4.0.0 | cpe:2.3:a:sgminer_project:sgminer:4.0.0:*:*:*:*:*:*:* |
| sgminer_project | sgminer | 4.1.0 | cpe:2.3:a:sgminer_project:sgminer:4.1.0:*:*:*:*:*:*:* |
| sgminer_project | sgminer | 4.1.153 | cpe:2.3:a:sgminer_project:sgminer:4.1.153:*:*:*:*:*:*:* |
| sgminer_project | sgminer | 4.1.242 | cpe:2.3:a:sgminer_project:sgminer:4.1.242:*:*:*:*:*:*:* |
| sgminer_project | sgminer | 4.1.271 | cpe:2.3:a:sgminer_project:sgminer:4.1.271:*:*:*:*:*:*:* |
| sgminer_project | sgminer | 4.2.0 | cpe:2.3:a:sgminer_project:sgminer:4.2.0:*:*:*:*:*:*:* |
| cgminer_project | cgminer | 3.3.0 | cpe:2.3:a:cgminer_project:cgminer:3.3.0:*:*:*:*:*:*:* |
| cgminer_project | cgminer | 3.3.1 | cpe:2.3:a:cgminer_project:cgminer:3.3.1:*:*:*:*:*:*:* |
| cgminer_project | cgminer | 3.3.2 | cpe:2.3:a:cgminer_project:cgminer:3.3.2:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2014-4503
2014-07-23 14:00:00
prion
prion
Design/Logic Flaw
2014-07-23 14:55:00
ubuntucve
ubuntucve
CVE-2014-4503
2014-07-23 00:00:00
nvd
nvd
CVE-2014-4503
2014-07-23 14:55:06
debiancve
debiancve
CVE-2014-4503
2014-07-23 14:55:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
AI Score
6.6
Confidence
High
EPSS
0.001
Percentile
34.7%
Related for CVE-2014-4503