Candidate: CVE-2014-4503
PublicDate: 2014-07-23 14:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4503
 https://github.com/sgminer-dev/sgminer/commit/910c36089940e81fb85c65b8e63dcd2fac71470c
 http://seclists.org/fulldisclosure/2014/Jul/120
Description:
 The parse_notify function in util.c in sgminer before 4.2.2 and cgminer
 3.3.0 through 4.0.1 allows man-in-the-middle attackers to cause a denial of
 service (application exit) via a crafted (1) bbversion, (2) prev_hash, (3)
 nbit, or (4) ntime parameter in a mining.notify action stratum message.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_cgminer:
 other: https://github.com/sgminer-dev/sgminer/commit/910c36089940e81fb85c65b8e63dcd2fac71470c
upstream_cgminer: released (4.4.2)
lucid_cgminer: DNE
precise_cgminer: DNE
precise/esm_cgminer: DNE
trusty_cgminer: ignored (reached end-of-life)
trusty/esm_cgminer: DNE (trusty was needed)
utopic_cgminer: not-affected
vivid_cgminer: not-affected
vivid/stable-phone-overlay_cgminer: DNE
vivid/ubuntu-core_cgminer: DNE
wily_cgminer: not-affected
xenial_cgminer: not-affected
yakkety_cgminer: not-affected
zesty_cgminer: not-affected
artful_cgminer: not-affected
bionic_cgminer: not-affected
cosmic_cgminer: not-affected
disco_cgminer: not-affected
devel_cgminer: not-affected