Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Ziftr primecoin bitcoinrpc.cpp HTTPAuthorized timing discrepancy
Vulnerability Description
A vulnerability classified as problematic was found in Ziftr primecoin up to 0.8.4rc1. Affected by this vulnerability is the function HTTPAuthorized of the file src/bitcoinrpc.cpp. The manipulation of the argument strUserPass/strRPCUserColonPass leads to observable timing discrepancy. The complexity of an attack is rather high. The exploitation appears to be difficult. Upgrading to version 0.8.4rc2 is able to address this issue. The patch is named cdb3441b5cd2c1bae49fae671dc4a496f7c96322. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217171.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
通过时间差异性导致的信息暴露
Vulnerability Title
Primecoin 安全漏洞
Vulnerability Description
Primecoin是Ziftr开源的一种实验性加密货币。 Primecoin 0.8.4rc1版本及之前版本存在安全漏洞,该漏洞源于对参数strUserPass/strRPCUserColonPass的错误操作会导致明显的时间差异。
CVSS Information
N/A
Vulnerability Type
N/A