CVE-2012-1909
Published: 2012-08-06
Priority: P4, 21 | Severity: medium | CVSS 2.0: 5
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS: 2.93% (85.3th percentile)
The Bitcoin protocol, as used in bitcoind before 0.4.4, wxBitcoin, Bitcoin-Qt, and other programs, does not properly handle multiple transactions with the same identifier, which allows remote attackers to cause a denial of service (unspendable transaction) by leveraging the ability to create a duplicate coinbase transaction.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bitcoin | bitcoin_core | <= 0.4.4 | — |
| bitcoin | bitcoin_core | — | — |
| bitcoin | bitcoin_core | — | — |
| bitcoin | bitcoin_core | — | — |
| bitcoin | bitcoin_core | — | — |
| bitcoin | bitcoin_core | — | — |
| bitcoin | bitcoin_core | — | — |
| bitcoin | bitcoin_core | — | — |
| bitcoin | bitcoin_core | — | — |
No detection rules found.
No public exploits indexed.
arXiv
Attack of the Clones: Measuring the Maintainability, Originality and Security of Bitcoin 'Forks' in the Wild
arxiv_fulltext·2022-01-21
Jusop Choi (1), Wonseok Choi (1), William Aiken (1), Hyoungshick Kim (1), Jun Ho Huh (2), Taesoo Kim (3), Yongdae Kim (4), Ross Anderson (5)
(1) Sungkyunkwan University, Republic of Korea; (2) Samsung Research, Republic of Korea; (3) Georgia Institute of Technology, USA; (4) Korea Advanced Institute of Science and Technology, Republic of Korea; (5) Cambridge University, UK
## Abstract
Since Bitcoin appeared in 2009, over 6,000 different cryptocurrency projects have followed. The cryptocurrency world may be the only technology where a massive number of competitors offer similar services yet claim unique benefits, including scalability, fast transactions, and security. But are these projects real
arXiv
Coinbugs: Enumerating Common Blockchain Implementation-Level Vulnerabilities
arxiv_fulltext·2021-04-13
Aleksandar Kircanski and Terence Tarvis\ Group
## Abstract
A good amount of effort has been dedicated to surveying and systematizing Ethereum smart contract security bug classes, see e.g. . There is, however, a gap in literature when it comes to surveying implementation-level security bugs that commonly occur in basic PoW blockchain node implementations, discovered during the first decade of Bitcoin's existence. This paper attempts to fill this void. In particular, if software which participates in a network by validating and generating new blocks is developed from scratch, WCGW - What Could Go Wrong?
Ten broad bug type categories are listed and for each category, known examples are linked. Blockchain, as desig
Unit42
Threat Brief: Microsoft DNS Server Wormable Vulnerability CVE-2020-1350
blogs_unit42·2020-07-21·CVSS 10.0
## Executive Summary
In July 2020, Microsoft released a security update, CVE-2020-1350 | Windows DNS Server Remote Code Execution Vulnerability, for a new remote code execution (RCE) vulnerability.
This vulnerability exists within the Microsoft Windows Domain Name System (DNS) Server due to the improper handling of certain types of requests, specifically over port 53/TCP. Exploitation of this vulnerability is possible by creating an integer overflow, potentially leading to remote code execution.
This vulnerability only affects Windows DNS and the following builds of the Microsoft Windows operating system (OS):
- Windows Server 2008/2008 R2
- Windows Server 2012/2012 R2
- Windows Server 2016
- Windows Server 2019
- Windows Server version 1803/1903/1909/2004 (Server Core installation)
References
- http://r6.ca/blog/20120206T005236Z.html
- http://sourceforge.net/mailarchive/forum.php?thread_name=CAPg%2BsBhmGHnMResVxPDZdfpmWTb9uqD0RrQD7oSXBQq7oHpm8g%40mail.gmail.com&forum_name=bitcoin-development
- https://bitcointalk.org/index.php?topic=67738.0
- https://bugs.gentoo.org/show_bug.cgi?id=407793
- https://en.bitcoin.it/wiki/BIP_0030
- https://en.bitcoin.it/wiki/CVEs
- https://github.com/sipa/bitcoin/commit/a206b0ea12eb4606b93323268fc81a4f1f952531