CVE-2016-10725
published 2018-07-05CVE-2016-10725: In Bitcoin Core before v0.13.0, a non-final alert is able to block the special "final alert" (which is supposed to override all other alerts) because…
PriorityP337high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
EPSS
2.50%
82.7th percentile
In Bitcoin Core before v0.13.0, a non-final alert is able to block the special "final alert" (which is supposed to override all other alerts) because operations occur in the wrong order. This behavior occurs in the remote network alert system (deprecated since Q1 2016). This affects other uses of the codebase, such as Bitcoin Knots before v0.13.0.knots20160814 and many altcoins.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bitcoin | bitcoin-qt | < 0.13.0 | 0.13.0 |
| bitcoin | bitcoin_core | < 0.13.0 | 0.13.0 |
| bitcoin | bitcoind | < 0.13.0 | 0.13.0 |
CVSS provenance
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
arXiv
Attack of the Clones: Measuring the Maintainability, Originality and Security of Bitcoin 'Forks' in the Wild
arxiv_fulltext·2022-01-21
Attack of the Clones: Measuring the Maintainability, Originality and Security of Bitcoin 'Forks' in the Wild
Attack of the Clones: Measuring the Maintainability, Originality and Security of Bitcoin `Forks' in the Wild
Attack of the Clones
Jusop Choi1 Wonseok Choi1 William Aiken1 Hyoungshick Kim1 Jun Ho Huh2 Taesoo Kim3 Yongdae Kim4 Ross Anderson5
Jusop Choi et al.
Sungkyunkwan University, Republic of Korea Samsung Research, Republic of Korea Georgia Institute of Technology, USA Korea Advanced Institute of Science and Technology, Republic of Korea Cambridge University, UK
## Abstract
Since Bitcoin appeared in 2009, over 6,000 different cryptocurrency projects have followed. The cryptocurrency world may be the only technology where a massive number of competitors offer similar services yet claim unique benefits, including scalability, fast transactions, and security. But are these projects real
arXiv
CoinWatch: A Clone-Based Approach For Detecting Vulnerabilities in Cryptocurrencies
arxiv_fulltext·2020-10-28
CoinWatch: A Clone-Based Approach For Detecting Vulnerabilities in Cryptocurrencies
CoinWatch: A Clone-Based Approach For Detecting Vulnerabilities in Cryptocurrencies
2020 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Qingze Hum,2 Wei Jin Tan, Shi Ying Tey, Latasha Lenus
Singapore University of Technology and Design,
[email protected]
2cm
Ivan Homoliak
FIT, Brno University of Technology,
[email protected]
2.cm
Yun Lin
National University of Singapore,
[email protected]
2cm
Jun Sun
Singapore Management University,
sunjunhqq
https://bitcoin.org/en/posts/alert-key-and-vulnerabilities-disclosurehttps://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposureshttps://github.com/JinBean/CVE-Extensionhttps://lists.linuxfoundation.org/pipermail/bitcoin-dev/2018-July/016189.htmlhttps://bitcoin.org/en/posts/alert-key-and-vulnerabilities-disclosurehttps://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposureshttps://github.com/JinBean/CVE-Extensionhttps://lists.linuxfoundation.org/pipermail/bitcoin-dev/2018-July/016189.html
2018-07-05
Published