Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The HTTPAuthorized function in bitcoinrpc.cpp in bitcoind 0.8.1 provides information about authentication failure upon detecting the first incorrect byte of a password, which makes it easier for remote attackers to determine passwords via a timing side-channel attack.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Bitcoin bitcoind ‘bitcoinrpc.cpp’ 密码信息泄露漏洞
Vulnerability Description
Bitcoin(比特币)是Bitcoin基金会的一种用开源的P2P软件开发的电子货币、数字货币,是一种网络虚拟货币。bitcoind是一个简洁的比特币客户端版本。 bitcoind 0.8.1版本中的bitcoinrpc.cpp文件中的‘HTTPAuthorized’函数中存在安全漏洞,该漏洞源于函数匹配密码采用一个字节一个字节对比。远程攻击者可通过时序攻击利用该漏洞确认密码。
CVSS Information
N/A
Vulnerability Type
N/A