CVE-2014-4501
23.07.2014, 14:55
Multiple stack-based buffer overflows in sgminer before 4.2.2, cgminer before 4.3.5, and BFGMiner before 3.3.0 allow remote pool servers to have unspecified impact via a long URL in a client.reconnect stratum message to the (1) extract_sockaddr or (2) parse_reconnect functions in util.c.Enginsight
| Vendor | Product | Version |
|---|---|---|
| sgminer_project | sgminer | 𝑥 ≤ 4.2.1 |
| sgminer_project | sgminer | 4.0.0 |
| sgminer_project | sgminer | 4.1.0 |
| sgminer_project | sgminer | 4.1.153 |
| sgminer_project | sgminer | 4.1.242 |
| sgminer_project | sgminer | 4.1.271 |
| sgminer_project | sgminer | 4.2.0 |
| cgminer_project | cgminer | 𝑥 ≤ 4.3.4 |
| cgminer_project | cgminer | 4.3.0 |
| cgminer_project | cgminer | 4.3.1 |
| cgminer_project | cgminer | 4.3.2 |
| cgminer_project | cgminer | 4.3.3 |
| bfgminer | bfgminer | 𝑥 ≤ 3.2.9 |
| bfgminer | bfgminer | 3.2.0 |
| bfgminer | bfgminer | 3.2.1 |
| bfgminer | bfgminer | 3.2.2 |
| bfgminer | bfgminer | 3.2.3 |
| bfgminer | bfgminer | 3.2.4 |
| bfgminer | bfgminer | 3.2.5 |
| bfgminer | bfgminer | 3.2.6 |
| bfgminer | bfgminer | 3.2.7 |
| bfgminer | bfgminer | 3.2.8 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| bfgminer |
| ||||||||||||||||||||||||||
| cgminer |
|
Common Weakness Enumeration
References