CVE-2013-10006

A vulnerability classified as problematic was found in Ziftr primecoin up to 0.8.4rc1. Affected by this vulnerability is the function HTTPAuthorized of the file src/bitcoinrpc.cpp. The manipulation of the argument strUserPass/strRPCUserColonPass leads to observable timing discrepancy. Upgrading to version 0.8.4rc2 is able to address this issue. The name of the patch is cdb3441b5cd2c1bae49fae671dc4a496f7c96322. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217171.
References
Link Resource
https://vuldb.com/?ctiid.217171 Permissions Required Third Party Advisory
https://vuldb.com/?id.217171 Permissions Required Third Party Advisory
https://github.com/Ziftr/primecoin/releases/tag/v0.8.4rc2 Release Notes Third Party Advisory
https://github.com/Ziftr/primecoin/commit/cdb3441b5cd2c1bae49fae671dc4a496f7c96322 Patch Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ziftrshop:primecoin:*:*:*:*:*:*:*:*
cpe:2.3:a:ziftrshop:primecoin:0.8.4:rc1:*:*:*:*:*:*

Information

Published : 2023-01-01 09:15

Updated : 2023-01-09 09:50


NVD link : CVE-2013-10006

Mitre link : CVE-2013-10006


JSON object : View

CWE
CWE-203

Observable Discrepancy

Advertisement

dedicated server usa

Products Affected

ziftrshop

  • primecoin