CVE-2013-2293

Опубликовано: 12 мар. 2013

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The CTransaction::FetchInputs method in bitcoind and Bitcoin-Qt before 0.8.0rc1 copies transactions from disk to memory without incrementally checking for spent prevouts, which allows remote attackers to cause a denial of service (disk I/O consumption) via a Bitcoin transaction with many inputs corresponding to many different parts of the stored block chain.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:bitcoin:bitcoin-qt:0.4:rc4:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin-qt:0.4.8:rc4:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin-qt:0.5.0:rc1:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin-qt:0.5.0.4:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin-qt:0.5.1:rc1:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin-qt:0.5.3.0:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin-qt:0.5.7:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin-qt:0.6.0.10:rc4:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin-qt:0.6.3:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin-qt:0.7.0:rc1:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin-qt:0.7.1:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:*:*:*:*:*:*:*:*

Версия до 0.7.2 (включая)

cpe:2.3:a:bitcoin:bitcoin_core:0.3.4:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.3.5:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.3.8:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.3.10:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.3.11:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.3.12:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.4.0:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.4.1:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.4.1:rc6:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.4.2:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.4.3:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.4.4:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.4.4:rc2:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.4.5:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.4.6:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.4.7:rc2:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.5.0:rc:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.5.3:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.5.3.1:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.5.4:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.5.5:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.5.6:rc2:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.6.0.1:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.6.0.2:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.6.0.3:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.6.0.4:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.6.0.5:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.6.0.6:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.6.0.7:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.6.0.8:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.6.1:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoin_core:0.6.2:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoind:0.4.4:rc4:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoind:0.5.7:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoind:0.6.0.0:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoind:0.6.0.10:rc4:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoind:0.6.3:*:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoind:0.6.4:rc4:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoind:0.7.0:rc1:*:*:*:*:*:*

cpe:2.3:a:bitcoin:bitcoind:0.7.1:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00535

Низкий

5 Medium

CVSS2

Дефекты

CWE-399

Связанные уязвимости

CVE-2013-2293

debian

почти 13 лет назад

The CTransaction::FetchInputs method in bitcoind and Bitcoin-Qt before ...

GHSA-9j45-qmfv-3g29

github

больше 3 лет назад