Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The parse_notify function in util.c in sgminer before 4.2.2 and cgminer 3.3.0 through 4.0.1 allows man-in-the-middle attackers to cause a denial of service (application exit) via a crafted (1) bbversion, (2) prev_hash, (3) nbit, or (4) ntime parameter in a mining.notify action stratum message.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
sgminer和cgminer 输入验证漏洞
Vulnerability Description
sgminer和cgminer都是比特币挖矿软件。 sgminer 4.2.1及之前版本和cgminer 3.3.0至4.0.1版本中util.c文件中的‘parse_notify’函数存在安全漏洞,该漏洞源于mining.notify层消息没有充分过滤‘bbversion’、‘prev_hash’、‘nbit’或‘ntime’参数。攻击者可利用该漏洞实施中间人攻击,造成拒绝服务(应用程序退出)。
CVSS Information
N/A
Vulnerability Type
N/A