CVE-2014-4503

sgminer <4.2.2-cgminer 3.3.0-4.0.1 - DoS

Title source: llm
STIX 2.1

Description

The parse_notify function in util.c in sgminer before 4.2.2 and cgminer 3.3.0 through 4.0.1 allows man-in-the-middle attackers to cause a denial of service (application exit) via a crafted (1) bbversion, (2) prev_hash, (3) nbit, or (4) ntime parameter in a mining.notify action stratum message.

References (2)

Core 2
Core References
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Jul/120

Scores

EPSS 0.0122
EPSS Percentile 65.1%

Details

CWE
CWE-20
Status published
Products (41)
cgminer_project/cgminer 3.3.0
cgminer_project/cgminer 3.3.1
cgminer_project/cgminer 3.3.2
cgminer_project/cgminer 3.3.3
cgminer_project/cgminer 3.3.4
cgminer_project/cgminer 3.4.0
cgminer_project/cgminer 3.4.1
cgminer_project/cgminer 3.4.2
cgminer_project/cgminer 3.4.3
cgminer_project/cgminer 3.5.0
... and 31 more
Published Jul 23, 2014
Tracked Since Feb 18, 2026