Lucene search

[email protected]NVD:CVE-2014-4503

HistoryJul 23, 2014 - 2:55 p.m.

CVE-2014-4503

2014-07-2314:55:06

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

34.7%

JSON

The parse_notify function in util.c in sgminer before 4.2.2 and cgminer 3.3.0 through 4.0.1 allows man-in-the-middle attackers to cause a denial of service (application exit) via a crafted (1) bbversion, (2) prev_hash, (3) nbit, or (4) ntime parameter in a mining.notify action stratum message.

Affected configurations

Nvd

Node

sgminer_projectsgminerRange≤4.2.1

sgminer_projectsgminerMatch4.0.0

sgminer_projectsgminerMatch4.1.0

sgminer_projectsgminerMatch4.1.153

sgminer_projectsgminerMatch4.1.242

sgminer_projectsgminerMatch4.1.271

sgminer_projectsgminerMatch4.2.0

Node

cgminer_projectcgminerMatch3.3.0

cgminer_projectcgminerMatch3.3.1

cgminer_projectcgminerMatch3.3.2

cgminer_projectcgminerMatch3.3.3

cgminer_projectcgminerMatch3.3.4

cgminer_projectcgminerMatch3.4.0

cgminer_projectcgminerMatch3.4.1

cgminer_projectcgminerMatch3.4.2

cgminer_projectcgminerMatch3.4.3

cgminer_projectcgminerMatch3.5.0

cgminer_projectcgminerMatch3.5.1

cgminer_projectcgminerMatch3.6.0

cgminer_projectcgminerMatch3.6.1

cgminer_projectcgminerMatch3.6.2

cgminer_projectcgminerMatch3.6.3

cgminer_projectcgminerMatch3.6.4

cgminer_projectcgminerMatch3.7.0

cgminer_projectcgminerMatch3.7.1

cgminer_projectcgminerMatch3.7.2

cgminer_projectcgminerMatch3.8.0

cgminer_projectcgminerMatch3.8.1

cgminer_projectcgminerMatch3.8.2

cgminer_projectcgminerMatch3.8.3

cgminer_projectcgminerMatch3.8.4

cgminer_projectcgminerMatch3.8.5

cgminer_projectcgminerMatch3.9.0

cgminer_projectcgminerMatch3.10.0

cgminer_projectcgminerMatch3.11.0

cgminer_projectcgminerMatch3.12.0

cgminer_projectcgminerMatch3.12.1

cgminer_projectcgminerMatch3.12.2

cgminer_projectcgminerMatch3.12.3

cgminer_projectcgminerMatch4.0.0

cgminer_projectcgminerMatch4.0.1

VendorProductVersionCPE
sgminer_projectsgminer*cpe:2.3:a:sgminer_project:sgminer:*:*:*:*:*:*:*:*
sgminer_projectsgminer4.0.0cpe:2.3:a:sgminer_project:sgminer:4.0.0:*:*:*:*:*:*:*
sgminer_projectsgminer4.1.0cpe:2.3:a:sgminer_project:sgminer:4.1.0:*:*:*:*:*:*:*
sgminer_projectsgminer4.1.153cpe:2.3:a:sgminer_project:sgminer:4.1.153:*:*:*:*:*:*:*
sgminer_projectsgminer4.1.242cpe:2.3:a:sgminer_project:sgminer:4.1.242:*:*:*:*:*:*:*
sgminer_projectsgminer4.1.271cpe:2.3:a:sgminer_project:sgminer:4.1.271:*:*:*:*:*:*:*
sgminer_projectsgminer4.2.0cpe:2.3:a:sgminer_project:sgminer:4.2.0:*:*:*:*:*:*:*
cgminer_projectcgminer3.3.0cpe:2.3:a:cgminer_project:cgminer:3.3.0:*:*:*:*:*:*:*
cgminer_projectcgminer3.3.1cpe:2.3:a:cgminer_project:cgminer:3.3.1:*:*:*:*:*:*:*
cgminer_projectcgminer3.3.2cpe:2.3:a:cgminer_project:cgminer:3.3.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sgminer_project	sgminer	*	cpe:2.3:a:sgminer_project:sgminer::::::::
sgminer_project	sgminer	4.0.0	cpe:2.3:a:sgminer_project:sgminer:4.0.0:::::::*
sgminer_project	sgminer	4.1.0	cpe:2.3:a:sgminer_project:sgminer:4.1.0:::::::*
sgminer_project	sgminer	4.1.153	cpe:2.3:a:sgminer_project:sgminer:4.1.153:::::::*
sgminer_project	sgminer	4.1.242	cpe:2.3:a:sgminer_project:sgminer:4.1.242:::::::*
sgminer_project	sgminer	4.1.271	cpe:2.3:a:sgminer_project:sgminer:4.1.271:::::::*
sgminer_project	sgminer	4.2.0	cpe:2.3:a:sgminer_project:sgminer:4.2.0:::::::*
cgminer_project	cgminer	3.3.0	cpe:2.3:a:cgminer_project:cgminer:3.3.0:::::::*
cgminer_project	cgminer	3.3.1	cpe:2.3:a:cgminer_project:cgminer:3.3.1:::::::*
cgminer_project	cgminer	3.3.2	cpe:2.3:a:cgminer_project:cgminer:3.3.2:::::::*